STN-3000.04: Responsible Computing User Agreement
STANDARD SUMMARY
Intended Audience: All authorized users of University IT resources
Standard Owner: Director of Academic Technology & User Services (ATUS)
Authorized users must agree to and comply with a User Agreement in order to obtain access to IT Resources. Users are responsible for understanding their responsibilities under the User Agreement as well as related University policies that govern ethical and legal behavior.
Under the User Agreement, all users must agree to:
- Respect the rights of others.
- Respect the integrity of physical facilities and controls.
- Practice safe computing.
- Use social media responsibly.
Under the agreement, all users agree that the following are prohibited activities:
- Sharing of credentials.
- Circumventing security protocols.
- Using electronic communications to threaten, harass, or defame.
- Commercial or illegal activities.
In addition, employees must agree to:
- Refrain from soliciting, lobbying, or assisting in political campaigns.
- Limit use to de minimis use.
Failure to comply may result in loss of privileges, disciplinary action, or prosecution.
For the complete standard, click “Full Document” tab at top of page.
FULL DOCUMENT
Intended Audience: All authorized users of University IT resources
Standard Owner: Director of Academic Technology & User Services (ATUS)
1. Definitions
University Information Technology Resource (or IT Resource): Hardware, software, data, and networks that are owned, operated, or managed by the University. This includes services managed or licensed by the university on premises and in the cloud.
Authorized User: An individual who is granted access to a university IT resource as appropriate for their role at the university. Authorized Users [or Users] may be students, faculty, staff, contractors, vendors, or guests.
2. Purpose
The purpose of this standard is to educate and obtain agreement from Authorized Users of University IT resources regarding their responsibilities using IT Resources.
3. Scope
This standard applies to all Authorized Users making use of University IT Resources. The standard includes the use of personally owned devices connected to the University’s network as well as the use of any IT Resource owned, managed, or licensed by the University.
4. User Agreement
Authorized Users must agree to and comply with a User Agreement in order to obtain access to IT Resources. Users are obligated to understand their responsibilities under the User Agreement as well as related University policies that govern ethical and legal behavior.
5. Acceptable Use
Authorized Users are provided access to IT Resources in order to support their roles and responsibilities at the University. Acceptable use of IT Resources is use that conforms to the University’s policies in support of its educational, research, service, student, and campus life activities; administrative and business functions; and financial and human resource administration.
6. Responsibilities
Authorized Users are to respect the rights of other computing users; respect the integrity of the physical facilities and controls; and respect all pertinent copyright, license, and contractual agreements. It is the policy of the University that all members of its community act in accordance with these responsibilities, relevant laws and contractual obligations while applying the highest standard of ethics.
7. Security
All users are expected to comply with the University’s policy on Securing Information Systems. In accordance with this policy, all faculty and staff are required to complete annual information security awareness training.
8. Social Media
The use of social media, including both official university and personal posts and comments, shall conform to University policies.
9. Privacy
The University is committed to protecting the privacy of users and any of their electronic records with personal information in compliance with state and federal regulations. Employees may only access, use, or share Personal Information in accordance with University policies, standards, and procedures and if within the purview and authority of their job duties. Records disclosed in a Request for Information under the Public Records Act may be disclosed in a redacted format.
10. Prohibited Activities
Prohibited computing activities include, but are not limited to:
- Sharing your account password or using another user’s credentials for access.
- Falsifying an identity.
- Circumventing or attempting to circumvent security protocols.
- Assisting in, encouraging, or concealing from authorities any unauthorized use, or an attempt at unauthorized use, of any IT Resource.
- Using electronic communications to threaten, harass or defame.
- Commercial or illegal activities including illegal pornography and theft of intellectual property.
University employees have additional prohibited computing activities, including but not limited to:
- Soliciting, lobbying, or assisting a political campaign or any commercial activities.
- Activities beyond de minimis use, as determined by state ethics laws and University policy.
11. Consequences
Failure to comply with the University’s policies on IT Resources may result in loss of privileges, disciplinary action, or prosecution.
12. References
- POL- U3000.04: Computer Use-Responsible Computing
- POL-U1500.8: Using University Resources
- POL-U3000.02: Using Electronic Methods for University Communications
- POL U5400.13: Using University Property for Political Activity
- POL-U6500.02: Using Social Media at Western
- WAC 516-09 Public Records
- WAC 516-21-160 Misuse of computers, electronic data, or communication systems
Change Log
| Revised | Version | Author | Approver | Change |
|---|---|---|---|---|
| 03/26/2021 | 1.0 | John Farquhar | ITS Standards & Guidelines Committee | Original Version |