A variety of computer resources are currently available at Nazareth, from local area networks that provide access to PC and Mac based software, to wide area networks such as the Internet, including wireless internet and cloud-based or hosted services (the “Computing Resources”). All users are required to follow this Code of Conduct when using these resources.

Any information stored on College computers, or with third party providers under contract by the College, is stored digitally in multiple live and backup sources and, aside from the usual difficulties of guaranteeing confidentiality, is always subject to "discovery" by means of subpoena. Although the College may seek appropriate legal counsel, users should assume that the college will cooperate with outside agencies investigating violations of local, state, or federal law, including but not limited to copyright infringement (this should be specifically noted with respect to downloaded music, videos, etc.).

Procedures such as deleting files and reviewing accounts to ensure effective and secure use of and access to the College Network and computing resources may be necessary during the normal operation of the College's computer systems. If either as a result of this routine work, or as the outgrowth of a reasonable report or request from other individuals or agencies, the Chief Information Officer determines that a possible violation of this Code has occurred, he/she may authorize that an account or other technology asset be investigated or retained by Information Technology Services staff or other appropriate staff members.

Violation of the Code or abuse of the privilege of using the College Network and the College’s computer resources can lead to:

• Loss of computing privileges
• Disciplinary action
• Criminal Prosecution

The Nazareth College Computing Code of Conduct includes, but is not limited to, the following rules. Questions about the Code should be directed to the Chief Information Officer.

1. You must keep your password secure and confidential.
   
   
2. You may not let another person access your account.
   
   
3. You may not possess or attempt to possess another user's password
   
   
   • Exceptions to (1), (2) and (3) may be permitted, but only for academic or administrative reasons and with approval by the Chief Information Officer. All individuals are responsible for the security of the accounts and equipment assigned to them, and of equipment owned by them and connected to college owned facilities. Any policy or security violation traced back to a certain account or resource will be assumed to be the responsibility of the person assigned or owning that resource, regardless of who committed the violation. Only institutionally approved individuals, and only in their roles as server or shared-resource managers for other users, are excluded.
     
     
4. You may not copy, retain, or distribute copyrighted or proprietary material without written consent of the copyright holder. This applies to computer software, documentation, music and video files, and other tangible and intangible assets protected under U.S. copyright and patent laws. This includes the use of the College Network as a vehicle for copyright infringement, regardless of ownership of the computer or storage medium involved, and regardless of the College's arrangement with any third party to provide or manage the College Network. Regardless of whether any profit is made from copyrighted material, it is illegal to provide uncontrolled access to such material (as would usually be the case in peer-to-peer file sharing programs).
   
   
5. The number of simultaneous users for a piece of software may not exceed the number authorized in the copyright, purchase, or license agreement for that software.
   
   
6. You may not use false or misleading identification to gain access to any Computing Resource.
   
   
7. You may not access the College Network in order to carry out any unauthorized use of the College Network or computing resources.
   
   
8. You may not use a College account for any purpose other than that for which you are authorized.
   
   
9. You may not use the College Network, including any Computing Resource, for personal profit or commercial gain or to act on behalf of any political party or candidate for public office. Employees who are engaged in professional fee-based consulting relationships, where the professional nature is related to their professional position at Nazareth, may use the College Network and computing resources for communication with existing clients, but not for advertising or promoting.
   
   
10. You may not change, copy, delete, read or otherwise access files or software without permission of the owner (in the case of user files), authorized supervisor (in the case of departmental data files)  or system administrator (in the case of system specific files).
    
    
11. You may not attempt to prevent others from accessing any Computing Resource. This includes, for example, monopolizing a computer that contains software needed for course work, deliberately crashing or slowing down any system, posting of mass mailings or chain letters, or executing additional log ins.
    
    
12. You may not attempt to bypass accounting or security mechanisms, or attempt to circumvent protection schemes or uncover security loopholes. If you find a security loophole, you are required to report it to the Chief Information Officer immediately.
    
    
13. You may not use any Computing Resource, including the College Network itself, to attack, disable, or gain unauthorized access to any other Computing Resource or private device accessing the College Network either on or off the Nazareth campus.
    
    
14. All personally owned equipment connected to the College Network or accessing College data  must comply with reasonable industry security standards (for example, a PC or Mac must be running an effective and currently updated anti-virus software package and must have all operating system patches installed.)
    
    
15. If  you use a phone or other mobile device, regardless of ownership (College, personal or 3^rd-party), to access  Nazareth e-mail or data, you must protect the device with a secure passcode.
    
    
16. You may not attempt to harass anyone – either on or off campus -  using any Computing Resource or any computer system that is connected to the College Network. This includes, for example, sending libelous or threatening messages, or generating or facilitating unsolicited bulk commercial emails.
    
    
17. By using a Computing Resource or accessing the College Network, you agree to abide by and not otherwise violate any rules in the Nazareth College Student Handbook, Academic Integrity Policy, faculty or staff manuals, or other college policy statements, or any local, state or federal laws.
18. You may not attempt to compromise the privacy of others. This includes, but is not limited to, the installation of traffic sniffers, key loggers, etc. or any other hardware or software designed to capture information.
    
    
19. Individuals who store or transmit sensitive or confidential information on their computers are accountable for that information and must make sure the appropriate security measures (encryption, etc.) are in place. Further guidance regarding the storage, transmission and protection of sensitive or confidential  information may be found in the college’s Information Security Policy which can be found at https://www2.naz.edu/its/security-privacy-policies/policies/ .
    
    
20. You must follow the code of conduct of any local area or wide area network (including the Internet) to which the College is connected.
    
    
21. The College reserves the right to deny access to or remove, without prior notice, any technical resource (computers, software, network devices, etc.) that it deems a security or network risk.
    
    
22. Nazareth College employees are responsible for all equipment assigned to them.  Employees may not loan or transfer equipment to others without first notifying Information Technology Services.

2.       Web Access Policy

Nazareth College Information Technology Services reserves the right to restrict access to certain web sites or web resources, for example::

• If access to certain sites or resources is expected to create a substantial load (excessive bandwidth usage) on the institution's internal network or Internet access conduit, and the resource that is being accessed has limited educational benefit, the College may restrict access to the website or resource. Examples of this kind of site are high volume music download sites, and personal videoconferencing or voice communications.
• Access may be restricted if the Internet site or resource requires that special ports be opened in the institution's firewall, thereby creating added security risks for unauthorized intrusions. Again, this is for sites or resources that have limited educational benefit. Examples of this kind of site are some highly interactive computer games.

3.       Warranty Policy

It is your responsibility to ensure that you have a warranty service provision for your personally-owned or third-party-owned computer or mobile device. Nazareth employees will not be in a position to service your personally-owned or third-party-owned computer or mobile device or install devices/software for you.

4.       Virus Protection Policy

Information Technology Services requires that ALL computers brought to campus have anti-virus/anti-malware software installed and that you regularly update the software.. A subscription may be required to keep your software updated. Information Technology Services reserves the right to disconnect any computer from the campus network if it is found to be infected with a computer virus. The College's current standard for anti-virus software is Symantec Endpoint, but other industry-standard packages are also acceptable.

Version:                      2.0 

Approval Date:          September 4, 2015

Effective Date:           September 4, 2015

Approval Authority: Vice President for Finance and Administration

Policies and procedures are subject to review and may be modified at any time.  Policies and procedures will be periodically, formally reviewed by the Information Technology Services Management Team.  Final approval for any changes to this policy will come from the Chief Information Officer and the Vice President for Finance and Administration.