Version 1.1 Dated June 29, 2001. Pace University reserves the right to amend or otherwise revise this document as may be necessary to reflect future changes made to the I.T. environment. You are responsible for reviewing this Policy periodically to ensure your continued compliance with all Pace University I.T. guidelines.

Identity of Information Technology Resources at Pace University

Information Technology (I.T.) at Pace University encompasses the use of all campus computing, telecommunications, document services, educational media, and management information systems technologies. These I.T. resources support the instructional, research, and administrative activities of the University. Examples of these resources include, but are not limited to, the central administrative, academic and library computing facilities; the campus-wide data, video and voice networks; electronic mail; video conferencing systems; access to the Internet; voice mail; the University switchboard; fax machines; photocopiers; classroom audio-video; departmental and general use computing facilities and related services.

Appropriate Use of I.T. Resources

Users of these services and facilities have access to valuable University resources, to sensitive data and to external networks. Consequently, it is important for all users to behave in a responsible, ethical and legal manner. In general, appropriate use means understanding the intended use for Pace I.T. (and making certain that your use complies); respecting the rights of other Pace information technology users; maintaining the integrity of the physical facilities, and obeying pertinent license and contractual agreements.

Guidelines

This document establishes general guidelines that apply to all users of I.T. resources owned or managed by Pace University, including but not limited to Pace students, faculty, staff, external individuals (such as Pace contractors) or organizations and individuals accessing external network services, such as the Internet, via Pace's Information Technology facilities.

The policies described in this document apply to all information technology owned or managed by Pace University and represent the minimum appropriate use policies for I.T. Individual departments may have additional (and more restrictive) policies regarding I.T. resources held in those departments. Departmental users should contact their Information Management Officer (IMO) for more information about I.T. policies in a specific department. It is strongly recommended that each department appoint at least one IMO designated to provide first level I.T. support, receive training with the DoIT organization; and exchange pertinent I.T. information between DoIT and the department.

Part II: Guidelines for Appropriate Pace I.T. Use

The following list, while not exhaustive, provides some specific guidelines for appropriate I.T. use:

1. Use Pace's Information Technology facilities and services for Pace University related work, not for personal or other than Pace business work. Pay particular attention to abuse of photocopiers, local and long distance phone calls, fax machines, the Internet and the local Pace networks.
2. Pace University encourages Information Technology literacy for its students, faculty and staff. As such, Pace University allows its electronic mail system and personal World Wide Web pages to be used by students, faculty and staff for reasonable and limited personal use. For example, occasionally sending electronic mail to family and friends is allowed, as is the hosting of a Personal Web Page on http://webpage.pace.edu.  In all cases, this "Personal Use" must conform to the guidelines established herein, especially 10. below, dealing with the prohibition of personal financial gain.
3. Use only the Information Technology facilities for which you have specific authorization. Do not use another individual's ID or account, or attempt to capture other users' passwords. Users are individually responsible for all use of resources assigned to them; therefore, sharing of IDs is prohibited.
4. Observe established guidelines for any information technology facilities used both inside and outside the University. For example, individuals using Pace's Computer Resource Centers must adhere to the policies established for those centers; individuals accessing off campus computers via external networks must abide by the policies established by the owners of those systems as well as policies governing use of those networks.
5. Do not attempt to alter, delete or destroy any software on any Pace I.T. system. This constitutes a violation of appropriate use of I.T. facilities no matter how weak the protection is on those products.
6. Your use of Pace I.T. facilities and services is subject to and conditioned upon your compliance with state and federal laws and University policies, including disciplinary policies.
7. Respect the privacy and personal rights of others. Do not access or copy another user's electronic mail, data, programs, or other files without permission. Pace endorses the following statement on software and intellectual rights distributed by EDUCOM (now EDUCAUSE), the non-profit consortium of colleges and universities, committed to the use and management of information technology in higher education. The statement reads:

Respect for intellectual labor and creativity is vital to academic discourse and enterprise. This principle applies to work of all authors and publishers in all media. It encompasses respect for the right to acknowledgment, right to privacy and right to determine the form, manner and terms of publication and distribution.

Because electronic information is volatile and easily reproduced, respect for the work and personal expression of others is especially critical in computer environments. Violations of authorial integrity, including plagiarism, invasion of privacy, unauthorized access and trade secret and copyright violations, may be grounds for sanctions against members of the academic community.

8. The University policies on plagiarism or collusion apply to uses of I.T. resources in course assignments.
9. Abide by all applicable copyright laws and licenses. Both University policies and the law expressly forbid the copying of software that has not been placed in the public domain and distributed as "Freeware" or "Shareware". Users are expected to abide by the requirements of shareware agreements. Each individual department or department IMO is responsible for keeping records and original licenses of departmental software installed on office systems. DoIT will maintain university wide site licenses.
10. In order to avoid jeopardizing the University's tax-exempt status, do not use Pace I.T. facilities and services for personal financial gain or in connection with political activities, without prior written approval in each instance. Contact the Vice President of Information Technology for detailed information.
11. Use appropriate standards of civility and common sense when using I.T. systems to communicate with other individuals. Do not use e-mail to transmit confidential information relative to personnel matters, internal investigations and litigation. When sending personal messages t other users, participating in a Chat Room discussion, posting on electronic bulletin boards or leaving a voice mail message, identify yourself as the sender. Using Pace's I.T. resources to harass, slur, embarrass or demean other individuals is explicitly prohibited.
12. Be sensitive to the needs of others, and use only your fair share (what a reasonable person would consider fair) of computing, faxing, dial-up networking and telephone resources. For example, users of shared resources, such as Pace dial-up Internet connections or the PCs in the Computer Resource Centers, should use these facilities for only the most essential tasks during periods of peak demand. Broadcasting non critical messages to large numbers of individuals (Spamming) and sending chain letters are examples of activities that cause network congestion and interfere with the work of others, and are prohibited. Use the available online and telephone company directories to look up the numbers yourself to save the University additional telephone service charges.
13. Treat I.T. resources and electronic information as a valuable University resource. Protect your data and the systems you use. For example, back up your files regularly. Set an appropriate password and change it regularly. Passwords should not be any easily remembered word or phrase. Select a random string of letters and numbers with a recommended length of at least 8 characters (if the system allows). Make sure you understand the access privileges you have set for your files. Do not destroy or damage any I.T. equipment, networks or software. The willful introduction of computer code that compromises the integrity of a system, such as viruses and worms, into the Pace University computing environment or into other computing environments via Pace's network violates University standards and regulations. This may result in a range of penalties from termination of user access to Pace I.T. resources to the expulsion/removal from the University.
14. Stay informed about the Pace I.T. environment, as it is continually evolving to keep pace with academic and the demands of our students. Pace disseminates information in a variety of ways, including the DoIT Announcement page (also known as DoITNews) on the Web, the Pace Home Page, logon messages, the IMO listserv, and online documentation regarding software policy and procedures; in published newsletters (e.g. Opportunitas, Pace Press, New Morning); at meetings; and, in some cases, as announcements/memos mailed to departments/individuals. Users are responsible for staying informed about these changes and are expected to adapt to change in the University I.T. environment.

1. Access to I.T. Resources

Central I.T. Resources

Undergraduate and graduate students, faculty, administrators, staff and recognized student organizations may obtain IDs for use with the central I.T. activities related to instruction, research or university administration.

In the event that any student, faculty, administrator or staff person leaves, resigns or in any way concludes his or her relationship with Pace University for whatever reason, access to all I.T. resources, including voice mail and email services, will be terminated immediately.

Other I.T. Resources

Most of Pace's I.T. facilities and services -- such as the Computer Resource Centers, the Computer Equipped Classrooms, Video Conferencing rooms, consulting services, voice mail, and training-- --are available to members of the University community. DoIT plans and budgets for central I. T. services. However, these services are not free. Users/departments may be required to fund the additional expense of excesses (based on historical, normal utilization) or abuses of Pace I.T. resources (expenses beyond the baseline budget). For more detailed information about access to any facility or service, visit the DoIT home page at http://www.pace.edu/DoIT, email DoIT@pace.edu, phone DoIT at 914-773-3648 or visit the Computer Resource Center on your campus.

Departmental I.T. Resources

For information concerning access to departmental I.T. resources, contact your department's IMO or Department Chair.

Remote Access to I.T. Resources

Pace computer users have remote, direct dial-up access to the University's network. To accommodate the high volume of incoming calls, users are allotted reasonable time (based on historical, normal utilization) to access the Internet, Intranet and email as well as to download files. However, when computer users routinely require additional access time, they are encouraged to subscribe to an external Internet Service Provider such as ATTGlobal's Internet Connection for Education (ICE). Subscription information for the ATTGlobal ICE program may be found on the DoIT web page.

2. Data security and Integrity

DoIT Maintained Equipment

DoIT provides reasonable security against intrusion and damage to files stored on the central I.T. facilities. DoIT also provides some facilities for archiving and retrieving files specified by users, and for recovering files after accidental loss of data. However, other users can hold neither the University nor any I.T. staff member accountable for unauthorized access, or can they guarantee protection against media failure, fire, floods, etc. Users should use all available methods to protect their files, including the frequent changing of their passwords and storing back-up copies of information off site. In the event that data have been corrupted as a result of intrusion, DoIT should be notified immediately. Every reasonable attempt will be made to restore files to their status prior to intrusion; however, DoIT cannot guarantee restoration.

Upon request, the I.T. staff will assist in implementing procedures to maximize security. Although DoIT backs up some departmental servers and makes reasonable attempts to protect those servers from intrusion, it does not provide the same level of protection or offer restoration of files stored on departmental servers. Therefore, it is especially important that users back up their files and use all available means to protect their data on departmental systems.

The Central Pace Information Technology organization (the Division of Information Technology, DoIT), led  by the University's Chief Information Officer/VP, Information Technology, reserves the right to manage the University's voice, data and video bandwidth. Criteria for bandwidth management involves the integrity and robustness of University owned equipment, data, and services as well as the appropriateness of bandwidth use when compared to the University's Academic goals, Administrative missions, and Appropriate Use Policy for Information Technology.

Departmental Facilities

Data security and integrity in departmental I.T. facilities varies depending on the department. Users should contact their department's IMO for more information on their security and data integrity procedures.

3. Privacy

Access by I.T. Staff on Behalf of the University

Although not legally required to do so, the University respects the privacy of all users. Members of the DoIT organization are are forbidden to log onto another user's account or to access a user's files unless the user gives explicit permission (for example, by setting file access privileges). Exceptions to this privacy policy are made, however, under specific conditions. Such conditions include investigation of programs suspected of causing disruption to the network or other shared services; investigation of suspected violations of state or federal law or University policies; and investigations to avoid liability or in connection with internal hearings or litigation. In these instances, the Vice President of Information Technology, upon consultation with University Counsel, must be convinced that there is sufficient cause to files before those files can be searched without the user's permission.

Before logging onto a user's account or accessing a user's private files, a reasonable attempt will be made to contact the user to inform him or her that DoIT will access the files. If that is not possible, the Vice President of Information Technology will view the files for the suspected violation and will inform the user afterward that the files have been reviewed. Information obtained in this manner is admissible in legal proceedings or in a University hearing. In accepting a user account, the user agrees to this policy.

Access by Administrators of Departmental I.T. Systems

The administrators of departmental I.T. systems, such as IMOs, should not access a user's files without the explicit permission of that user or monitor file traffic at a level which will print intrusion into the file contents. However, some exceptions may be necessary, for example, when a file is suspected of causing disruption to a local network or other shared services and a user cannot be reached. Furthermore, information about system users and information stored by them should be treated as confidential. Individual departments may have guidelines consistent with University policy which deal with access issues of their I.T. resources.

Electronic Communications

Users should not expect privacy of any electronic communications. I.T. systems' administrators may see the contents of electronic communications due to serious addressing errors or as a result of maintaining the communications systems. In those cases where administrators do see the contents of private electronic communications, they are required to keep the contents confidential. Users should also be aware that the current design of the networks is such that the privacy of the electronic communications leaves Pace cannot be guaranteed. Also, when a user's affiliation with Pace ends, e-mail subsequently received at Pace that is addressed to the former user will either be returned to the sender or, if appropriate, forwarded for an agreed upon limited time, to an address specified by the former user.

4. Ownership of copyright for materials developed with Pace's Resources

Pace University has established guidelines related to ownership of copyright property. The exact policies and procedures relating to copyright may be obtained from the office of University Counsel.

5. Responsibility for Errors in Software, Hardware, and Consulting

DoIT, in conjunction with department IMOs, make its best effort to maintain an error free I.T. environment for users and to ensure that the I.T. staff is properly trained. Nevertheless, it is impossible to ensure that I.T. system errors will not occur or that I.T. staff will always give correct advice. Pace presents no warranty, either expressly stated or implied, for the services provided. Damages resulting directly and indirectly from the use of these resources are the responsibility of the user. However, at the request of the user, when errors are determined to have occurred on I.T. facilities, members of the I.T. staff will make a reasonable attempt to restore lost information to its state prior to the failure, at no cost to the user. As part of maintaining the I.T. environment, the I.T. staff applies vendor supplied or locally developed fixes as appropriate when problems are identified. Given that vendors may be involved and that staff resources are finite, no guarantee can be made as to how long it may take to fix an error once it has been identified.

When software errors are considered major problems or could produce inaccurate results, users will be notified as soon as possible using appropriate electronic and/or other media.

6. Changes in the Pace I.T. Environment

When significant changes in hardware, software or procedures are planned, Information Management Officers (IMOs) will notify their departmental user community through electronic and other media to ensure that all users have enough time to prepare for the changes and to voice any concerns that they might have.

7. Comments, Suggestions, Corrections, etc.

Pace Information Technology Users are invited to submit comments, suggestions, corrections, etc., regarding this policy.

Email to: doit@pace.edu or Call: 914-773-D.O.I.T (3648)