2.10 Technology Use Policies

2.10.1 All College Computer and Network Use Policy

When you are granted access to a shared computer system or computer network you become part of a community of users. The Ithaca College All College Computer and Network Use Policy applies to all users of College computers and network resources. Additional policies may also apply to specific systems (such as the CWIS policy for information posted on the Ithaca College Web server). Questions about this policy should be addressed to the associate vice president for information technology services (its@ithaca.edu).

1. Individual use

Your account and network connection (ResNet or office) are for your individual use. A computer account is to be used only by the person to whom it has been issued. You are responsible for all actions originating through your account or network connection. You must not impersonate others or misrepresent or conceal your identity in electronic messages and actions.

2. Respect the privacy and security of users and systems

Unless information is specifically made public or accessible to you, you should assume anything on the network is private. Just because you may have the ability, through a loophole, someone's carelessness, etc., to access files, directories, or information that does not belong to you, you do not have the right to do so. Any attempt to circumvent computer, network or file security or to take advantage of security lapses is prohibited.

3. Do not disturb other users or abuse computer resources

Disruptive and/or invasive actions using computer systems and networks are strictly prohibited. Examples of this include, but are not limited to, viruses, threatening or harassing messages, "spamming,"2 packet sniffing, self-perpetuating programs, excessive volume of file transfers, network traffic or printing, and other programs, files, hardware, software, or actions that deliberately or unintentionally degrade or disrupt system or network performance, compromise or circumvent system or network security, or interfere with the work of others.

The use of network hubs, routers, wireless access points, or other devices designed to share your network connection with multiple computers or devices is expressly prohibited.

Individuals are required to take reasonable precautions to ensure that their systems are secure -- this includes maintaining current virus detections software at all times on their system(s).

4. Respect intellectual property

The use of campus computer resources, including ResNet, to share or distribute copyrighted material to others without the permission of the copyright holder is prohibited. This includes, but is not limited to, using peer-to-peer applications (ex: KaZaAa) to share these files. The burden of proof of ownership or obtaining permission from the copyright owner is upon the account holder. Upon receiving proper notification, as defined by the Digital Millennium Copyright Act, of a potential infringing activity, we will where possible remove or block access to the material in question. Reports of repeated copyright infringements will lead to termination of computer/network services and/or other College/legal actions.

5. Access to computer accounts & networks / Non-commercial use only

Ithaca College will make reasonable efforts to have its computer systems and networks available at all times. However, as part of regular maintenance and other planned and unplanned activities, systems & networks may be unavailable at any particular time. Ithaca College reserves the right to restrict or terminate access to its computer & network resources as necessary. Ithaca College computer systems and networks are for non-commercial individual use related to the educational mission of the College by its faculty, staff and students, and for approved College business activities.

6. Abide by the regulations; don't break the law

All users must abide by all college rules and policies, as well as local, state and federal laws. This includes, but is not limited to, other Information Technology Services' policies; the Ithaca College Student Conduct Code and other College policies; local, state and federal regulations.

7. Privacy

ITS follows industry practices and routinely monitors network traffic to ensure the proper functioning and equitable utilization of the College's computer resources, but by policy does not routinely monitor the contents of user files, messages or network transmissions. However, given the nature of computers and electronic communications, we cannot guarantee the absolute privacy of your files and information. You must take reasonable precautions and understand that there is a risk that in some circumstances others can, either intentionally or unintentionally, gain access to files and messages. Where it appears that the integrity, security or functionality of the College's computer or network resources are at risk or in instances of abuse of College policies, codes, or local, state or federal laws, Ithaca College reserves the right to take whatever actions it deems necessary (including, but not limited to monitoring activity, scanning specific machines, and viewing files) to investigate and resolve the situation.

8. Restrictions

The College may impose restrictions on the use of its computer and network systems and/or take additional actions in response to complaints presenting evidence of violations of this or other College policies, codes, or state or federal laws.

Reporting Violations

If you believe that a violation of this policy has occurred, you should contact the Information Technology Services' Computer Abuse Administrator at computer_abuse@ithaca.edu or by calling 607-274-3030. In cases where you feel that an individual's health or safety appears to be in jeopardy you should immediately contact the Office of Public Safety at 607-274-3333.

This policy will be updated periodically. Updates will be posted here and at http://www.ithaca.edu/its/general/policies/

2.10.2 Ithaca College Web Policy

Note: This policy replaces the Campus-Wide Information Systems (CWIS) policy.

Table of Contents
Scope of Policy
Purpose of Ithaca College Websites
Oversight
Responsibility for Web Presence
Responsibility for Web Content
Responsibility for Web Infrastructure
Responsibility for Web Design
Policy on Content
Policy on Information Security
Website Protocol

Scope of Policy
This policy applies to websites and applications that are owned and operated by, or operated on behalf of, Ithaca College.

Purpose of Ithaca College Websites
Ithaca College websites are intended to facilitate the dissemination of accurate and timely information about and from Ithaca College to the community; to enhance the efficiency and expand the services of campus administrative, academic, and student support programs; to provide connection between and among campus constituents; and to support the College’s enrollment, marketing, and development initiatives.

Oversight
The Web Strategy Group (WSG) is responsible for providing executive oversight for the College’s web presence. The group reviews and approves web-related policies and guidelines, and it identifies strategic web-related resource needs.

WSG Membership (under review, Fall 2009)

  • Vice President for Finance and Administration*
  • Vice President for Enrollment Management*
  • Designee for the Vice President for Student Affairs
  • Associate Provost
  • Associate Vice President for Information Technology Services
  • Director of Admission
  • Executive Director of Marketing Communications**
  • Director Enterprise Application Services**
  • Associate Director of Web Marketing
  • Manager of Web Development

*liaison to President’s Cabinet and Budget **co-chair of the Web Strategy Group


Responsibility for Web Presence
The Offices of Marketing Communications and Information Technology Services (ITS) jointly share day-to-day responsibility for managing the College’s web presence.

Members of the campus community maintain a significant proportion of the College’s web presence via distributed content management tools.

Responsibility for Web Content
A primary content manager (PCM) must be designated for each website, page, or document. This individual is responsible for the creation, maintenance, and/or oversight of that content, and for ensuring that it is accurate, remains current, is appropriate for online use, and complies with the policies established by the WSG. The PCM may, where appropriate, delegate some or all of these responsibilities to others. However, the PCM is ultimately responsible for actions of their delegates and the integrity of their site. A PCM must be a current member of the campus community, a faculty retiree, or an alumnus. Information about creating and maintaining Web content can be found at http://www.ithaca.edu/its/services/web.


Responsibility for Web Infrastructure
ITS is responsible for building and maintaining the College’s web technical infrastructure, including maintaining the network, server hardware and software, content management services, web applications, and developing software tools to help automate document maintenance processes.

Wherever possible websites will be managed via one of the College’s web content management systems (e.g., Web Profile Manager, LCMS).

Responsibility for Web Design
With oversight from the Web Strategy Group, the Offices of Marketing Communications and Information Technology Services jointly share responsibility for establishing, maintaining, and implementing the Ithaca College web brand, which is the overall look and feel of the College’s websites.

The College reserves the right to enforce the use of design and navigation standards (including the use of specific design templates) throughout its web servers to ensure usability, accessibility, and brand consistency.

Policy on Content
Most material on the College’s web servers is produced by the Ithaca College community, but, except for designated pages, is neither approved nor verified by Ithaca College.

The College reserves the right to remove, without notice, any content that it determines, at its sole discretion, violates College policies, practices, or state or federal laws, or that it determines is otherwise inappropriate. The director of enterprise application services, in consultation with the appropriate vice president, is responsible for facilitating this process.

The PCM is responsible for ensuring that information on the College’s web servers complies with the following standards:

  1. Must be suitable for distribution to and interaction with both the campus community and the rest of the world.

    Some examples of suitable material are

    • Calendars or announcements of upcoming events
    • Descriptions of services and programs offered
    • News of achievements or programmatic changes
    • College policies specific to individual units

Some examples of material that would be considered inappropriate are

    • Commercial advertisements, endorsements, or logos except when used to recognize sponsorship, further the academic mission of the College, or promote a College business service offering
    • Material that is illegal
    • Private/compliant and protected information (i.e. confidential information). Examples include Social Security numbers, class lists, birth dates, credit card information.
    • Disclosing information about a student who has filed a request with the college to have his or her directory information withheld.

2. Materials should be checked for accuracy and should be updated regularly.

3. The use of copyrighted material must comply with the College’s Copyright Policy and Guidelines (http://www.ithaca.edu/attorney/policies/vol2/Volume_2-232.htm).

4. Pages should be designed to avoid confusion or duplication with official pages.

5. Every web page must contain the following information:

    • The name, organization, and contact information of the individual responsible for maintaining that information or page
    • The last revision date
    • Any known problems with the information

6. In addition, every department or other officially recognized College organization's home page must contain

  • A link to the Ithaca College home page
  • The words "Ithaca College" to help identify the page as part of the overall Ithaca College site
Policy on Information Security
Ithaca College web services are accessible via the global Internet. Private/compliant and protected (i.e. confidential) information should not be posted unless appropriate security restrictions are enabled.

To ensure the security of our systems and services, ITS may restrict the types of services and tools available to campus web developers. Where possible, the campus community will be required to utilize one of the content management systems to maintain their sites.

Only members of the campus community, faculty retirees, alumni, and third-party web developers approved by ITS will be given access to our systems for the purpose of content creation or management. The College reserves the right to remove, without notice, any programs, code, or sites that, at its sole discretion, may present security or performance risks.

Website Protocol
All College websites are for non-commercial individual use related to the educational mission of the College by the campus community, faculty retirees, and alumni and for approved College business activities. In addition, web content providers must abide by all College policies, including, but not limited to, the Ithaca College All-College Computer and Network Use Policy.

Individual Sites
Examples:

  • Faculty – Faculty Profile
  • Staff – Staff Profile
  • Student – ePortfolio
  • Alumni – Alumni ePortfolio

Individual sites will be removed as follows:

  • Faculty & Staff Profiles – upon last day of employment with the college. Faculty profiles for Ithaca College faculty retirees may remain indefinitely.
  • Student ePortfolios – 90 days after a student graduates. Upon graduation a student can choose to have their eportfolio converted to an alumni eportfolio.
  • Student Web Space – Upon graduation or departure from the College.
  • Alumni ePortfolio –May remain indefinitely, provided the individual renews it annually.

Note: In cases of involuntary separation, the College reserves the right to terminate accounts immediately.

Departmental / Organizational Sites
These sites are to be used to provide a web presence for an officially recognized Ithaca College department, organization, office, school, division, or program. The creation of these sites and designation of a primary content manager requires the approval of the head of the organization (e.g., director, dean, VP) being represented, and in the case of a student organization, the additional approval of the Center for Student Leadership and Involvement. Accounts for student organizations must be renewed each academic year.

Examples:

  • Academic Department Profiles
  • Schools and Division Sites and Profiles
  • Administrative Office Sites and Profiles
  • Special Program Sites and Profiles
  • Student Organization Profiles

Course Sites
The College’s official learning management system is Blackboard. Any instructor can create a course site in Blackboard by using the Blackboard course activation tool in HomerConnect.

In addition, information providers must abide by all other Ithaca College policies and procedures.

2.10.3 Wireless Network Policy

1. Purpose

The purpose of this policy is to secure and protect the information assets owned by Ithaca College. Ithaca College provides computer devices, networks, and other electronic information systems to meet its mission, goals, and objectives. Ithaca College grants access to these resources according to an individual’s role and must manage them responsibly to maintain the confidentiality, integrity, and availability of all information assets.

This policy specifies the conditions that wireless infrastructure devices must satisfy in order to connect to the Ithaca College network. Only those wireless infrastructure devices that meet the standards specified in this policy or are granted an exception by Information Technology Services are approved for connection to the Ithaca College network.

2. Scope

This policy addresses the requirements of Wireless deployments, Wireless usage, and Wireless airspace usage. All employees, students, contractors, consultants, temporary workers, and others who use the Ithaca College network, including all personnel affiliated with third parties that maintain a wireless infrastructure device on behalf of Ithaca College, must adhere to this policy. This policy applies to all wireless infrastructure devices that connect to the Ithaca College network or reside at an Ithaca College owned, leased or rented site that provide wireless connectivity to endpoint devices including, but not limited to, laptops, desktops, cellular phones, and personal digital assistants (PDAs). This includes any form of wireless communication device capable of transmitting packet data.

3. Policy

  • Wireless Deployments

    Standards supported:

    • IEEE 802.11n is the preferred wireless networking standard. 802.11g, 802.11b, and 802.11a will be available, where necessary.
    • IEEE 802.1X is the authentication standard. Additional security procedures may be applied as needed.
    • WPA2 with AES encryption will be the only secure standard used.

    Service Set Identifier (SSID)

    There shall be two SSIDs broadcast by the wireless deployment.

    • ICAirnet – For visitor Internet access and access to installation instructions and tools needed to access ICAirnet-Secure (see below).
    • ICAirnet-Secure – For roles-based access to the network. Only devices authenticated via Ithaca College account credentials may access this SSID.

    Wireless Service Considerations

    • Wireless networking has bandwidth limitations compared to the wired network. The wireless network should be viewed as augmenting the wired network, to provide more flexible network use. Applications that require large amounts of bandwidth, or are sensitive to changes in signal quality and strength may not be appropriate for wireless access.
    • Wireless technology is and will for the foreseeable future be a shared bandwidth technology. Some protocols and services will not effectively work in, or may be inappropriate for, a wireless environment.

    Wireless IP Addresses

    • DHCP is the standard addressing method for the IC wireless networks, and is expected to meet the majority of customer requirements.
    • Wireless is a dynamic service. Due to the dynamic nature of wireless, IP space serving the campus will change over time due to capacity re-engineering.

Restrictions

  • Ithaca College policy requires that all deployments of wireless infrastructure be installed and maintained by ITS. Installing departmental or do-it-yourself wireless access points is prohibited to avoid possible interference with the IC wireless network, unnecessary impact to the wired network and to minimize undue security risks to the College. Additionally, in areas where centrally-managed wireless networking is available any pre-existing locally managed access points must be removed.
  • Use of the wireless network is subject to the established policies for use of IC campus network services. (e.g. All College Computer and Network Use Policy)
  • Only devices authenticated via Ithaca College account credentials may access network resources on the IC network that are not Internet facing.
  • Unauthenticated visitors will be able to access only the Internet by accepting the policy restrictions on usage and providing their email address.

  • Wireless Usage

    Authenticated Access

    Role-based access to the network shall be established using the user’s Ithaca College account credentials. All data transactions shall be encrypted and secured by the protocols listed in the Supported Standards section above. Services allowed through the wireless network should be substantially identical to those for wired access. Role based users will be limited to those same services they are permitted to access via wired network controls.

    Visitors

    Visitors shall have free access to the Internet only. They shall be limited to only those TCP/IP protocols listed in Table 1. In general, standard Web access, Secure Shell access, Instant Messenger access, email access, sending email via secure methods, and Remote VPN access are permitted by these protocols.

Source 
Destination
Service
Action
Guest Wireless VLAN
All
 HTTP
allow
Guest Wireless VLAN
All
 HTTPS
allow
Guest Wireless VLAN
All
 SSH
allow
Guest Wireless VLAN
All
 AIM/5190/TCP
allow
Guest Wireless VLAN
All
 YAHOO/5050/TCP
allow
Guest Wireless VLAN
All
 MSN/1863/TCP
allow
Guest Wireless VLAN
All
 Google Chat/443/TCP
allow
Guest Wireless VLAN
All
 iChat/5190, 5298/TCP
allow
Guest Wireless VLAN
All
 POP
allow
Guest Wireless VLAN
All
 IMAPS
allow
Guest Wireless VLAN
All
 IMAP
allow
Guest Wireless VLAN
All
 SMTPS
allow
Guest Wireless VLAN
All
 All ports needed for PPTP
allow
Guest Wireless VLAN
All
 All ports needed for IPSEC
allow
Guest Wireless VLAN
All
 All
drop

Table 1

Device support

All supported PDAs and Laptops shall be able to, at a minimum, access the Internet through the Visitor role.

  • Wireless Airspace


To provide wireless access, the radio frequency airspace of the campus serves as the transport medium for this technology. Wireless networks operate on the campus shared and finite airspace spectrum.

Therefore, Information Technology Services (ITS) will regulate and manage this airspace centrally to ensure its fair and efficient allocation and to prevent collision, interference, unauthorized intrusion and failure. In addition, central management will facilitate the adoption of new features. Persons using wireless devices to connect to the College network must be aware of this, and comply with this policy and any other related policies.

ITS will approach the shared use of the wireless radio frequencies in the same way that it manages the shared use of the wired network. Specific issues pertaining to wireless network devices are outlined below:

    • All access points will be installed and configured in such a way as to comply with all security features of the wireless network, including restrictions to provide connections only to those users who are entitled to access.
    • The College reserves the right to remove, disconnect or electronically limit any access point not installed and configured by ITS personnel or specifically covered by prior written agreement and/or arrangement with ITS.
    • Other devices such as portable phones, and wireless devices using "Bluetooth" (a competing wireless technology), that broadcast and receive information on the same frequency as wireless Ethernet devices may cause interference with wireless network operation. If disruptions in wireless service are reported, ITS will investigate and may remove any devices it deems to be interfering with proper network operation. In those cases where the use of other wireless devices in furtherance of the College mission are found to interfere with campus wireless network operation, ITS will take the lead in negotiating a solution that is mutually agreeable to all parties.
    • Only users affiliated with Ithaca College are authorized to use wireless networking on campus. To help protect these affiliated users from unauthorized access to their computer resources, ITS may implement data encryption and authentication security measures that must be followed by all users. These measures require the use of specific wireless LAN product types and are designed to meet emerging wireless encryption and security standards.

4. References

SANS (SysAdmin, Audit, Network, Security) Institute “Wireless Communication Policy” URL: http://www.sans.org/resources/policies/Wireless_Communication_Policy.pdf

Villanova University “Wireless Policy” URL: http://www.villanova.edu/unit/policies/wireless.htm

University of Massachusetts Amherst “Wireless Airspace Policy” URL: http://www.oit.umass.edu/policies/wireless.html

University of Washington “UW Wireless Policy“ URL: http://www.washington.edu/computing/wireless/policy.html

Cornell University “RedRover-Guest Wireless” URL: http://www.cit.cornell.edu/redrover/guest.html

Last Updated: September 13, 2010