2.10 Technology Use Policies
2.10 Technology Use Policies
2.10.1 All College Computer and Network Use Policy
When you are granted access to a shared computer system or computer network you become part of a community of users. The Ithaca College All College Computer and Network Use Policy applies to all users of College computers and network resources. Additional policies may also apply to specific systems (such as the Web policy for information posted on the Ithaca College Web server). Questions about this policy should be addressed to the associate vice president for information technology services (its@ithaca.edu).
1. Individual use
Your account and network connection are for your individual use. A computer account is to be used only by the person to whom it has been issued. You are responsible for all actions originating through your account or network connection. You must not impersonate others or misrepresent or conceal your identity in electronic messages and actions.
2. Respect the privacy and security of users and systems
Unless information is specifically made public or accessible to you, you should assume anything on the network is private. Just because you may have the ability, through a loophole, someone's carelessness, etc., to access files, directories, or information that does not belong to you, you do not have the right to do so. Any attempt to circumvent computer, network or file security or to take advantage of security lapses is prohibited.
3. Do not disturb other users or abuse computer resources
Disruptive and/or invasive actions using computer systems and networks are strictly prohibited. Examples of this include, but are not limited to, viruses, threatening or harassing messages, "spamming," packet sniffing, self-perpetuating programs, excessive volume of file transfers, network traffic or printing, and other programs, files, hardware, software, or actions that deliberately or unintentionally degrade or disrupt system or network performance, compromise or circumvent system or network security, or interfere with the work of others.
The use of network hubs, routers, wireless access points, or other devices designed to share your network connection with multiple computers or devices is expressly prohibited.
Individuals are required to take reasonable precautions to ensure that their systems are secure -- this includes maintaining current virus detections software at all times on their system(s).
4. Respect intellectual property
The use of campus computer resources, including ResNet, to share or distribute copyrighted material to others without the permission of the copyright holder is prohibited. This includes, but is not limited to, using peer-to-peer applications to share these files. The burden of proof of ownership or obtaining permission from the copyright owner is upon the account holder. Upon receiving proper notification, as defined by the Digital Millennium Copyright Act, of a potential infringing activity, we will where possible remove or block access to the material in question. Reports of repeated copyright infringements will lead to termination of computer/network services and/or other College/legal actions.
5. Access to computer accounts & networks / Non-commercial use only
Ithaca College will make reasonable efforts to have its computer systems and networks available at all times. However, as part of regular maintenance and other planned and unplanned activities, systems & networks may be unavailable at any particular time. Ithaca College reserves the right to restrict or terminate access to its computer and network resources as necessary. Ithaca College computer systems and networks are for non-commercial individual use related to the educational mission of the College by authorized account holders, and for approved College business activities.
6. Abide by the regulations; don't break the law
All users must abide by all college rules and policies, as well as local, state and federal laws. This includes, but is not limited to, other Information Technology Services' policies; the Ithaca College Student Conduct Code and other College policies; local, state and federal regulations.
7. Privacy
ITS follows industry practices and routinely monitors network traffic to ensure the proper functioning and equitable utilization of the College's computer resources, but by policy does not routinely monitor the contents of user files, messages or network transmissions. However, given the nature of computers and electronic communications, we cannot guarantee the absolute privacy of your files and information. You must take reasonable precautions and understand that there is a risk that in some circumstances others can, either intentionally or unintentionally, gain access to files and messages. Where it appears that the integrity, security or functionality of the College's computer or network resources are at risk or in instances of abuse of College policies, codes, or local, state or federal laws, Ithaca College reserves the right to take whatever actions it deems necessary (including, but not limited to monitoring activity, scanning specific machines, and viewing files) to investigate and resolve the situation.
8. Restrictions
The College may impose restrictions on the use of its computer and network systems and/or take additional actions in response to complaints presenting evidence of violations of this or other College policies, codes, or state or federal laws.
Reporting Violations
If you believe that a violation of this policy has occurred, you should contact the Information Technology Services' Computer Abuse Administrator at computer_abuse@ithaca.edu or by calling 607-274-1000. In cases where you feel that an individual's health or safety appears to be in jeopardy you should immediately contact the Office of Public Safety at 607-274-3333.
This policy will be updated periodically. Updates will be posted here.
2.10.2 Ithaca College Web Policy
Note: This policy replaces the Campus-Wide Information Systems (CWIS) policy.
Scope of Policy
This policy applies to websites and applications that are owned and operated by, or operated on behalf of, Ithaca College.
Purpose of Ithaca College Websites
Ithaca College websites are intended to facilitate the dissemination of accurate and timely information about and from Ithaca College to the community; to enhance the efficiency and expand the services of campus administrative, academic, and student support programs; to provide connection between and among campus constituents; and to support the College’s enrollment, marketing, and development initiatives.
Oversight
The Web Strategy Group (WSG) is responsible for providing executive oversight for the College’s web presence. The group reviews and approves web-related policies and guidelines, and it identifies strategic web-related resource needs.
WSG Membership:
- Associate Vice President, Marketing Communications**
- Director, Enterprise Application Services**
- Vice President for Finance and Administration*
- Vice President for Enrollment and Communication*
- Vice President for Institutional Advancement*
- Director, Technology and Instructional Support Services
- Designee for the Senior Associate Vice President for Student Affairs
- Assistant Provost, Online Learning and Extended Studies
- Associate Vice President, Information Technology Services
- Director, Admission
- Web Application Architect
- Associate Director, Application Development
- Director, Advancement Communications
- Director, Client Marketing Services
- Director, Recruitment Marketing
- Administrative Support: Administrative Assistant, Marketing Communications
*liaison to the President's Council and Budget
**co-chair of the Web Strategy Group
Responsibility for Web Presence
The Offices of Marketing Communications and Information Technology Services (ITS) jointly share day-to-day responsibility for managing the College’s web presence.
Members of the campus community maintain a significant proportion of the College’s web presence via the Web Profile Manager content management system.
Responsibility for Web Content
A primary content manager (PCM) must be designated for each website, page, or document. This individual is responsible for the creation, maintenance, and/or oversight of that content, and for ensuring that it is accurate, remains current, is appropriate for online use, and complies with the policies established by the WSG. The PCM may, where appropriate, delegate some or all of these responsibilities to others. However, the PCM is ultimately responsible for actions of their delegates and the integrity of their site. A PCM must be a current member of the campus community, a faculty retiree, or an alumnus. Information about creating and maintaining Web content can be found at /its/services/web.
Responsibility for Web Infrastructure
ITS is responsible for building and maintaining the College’s web technical infrastructure, including maintaining the network, server hardware and software, content management services, web applications, and developing software tools to help automate document maintenance processes.
Wherever possible websites will be managed via the College’s web content management system, the Web Profile Manager.
Responsibility for Web Design
With oversight from the Web Strategy Group, the Office of Marketing Communications takes the lead on the responsibility for establishing, maintaining, and implementing the Ithaca College web brand, which is the overall look and feel of the College’s websites. They work in partnership with Information Technology Services to apply the visual standards to the College's web presence throughout our various web services.
The College reserves the right to enforce the use of design and navigation standards (including the use of specific design templates) throughout its web servers to ensure usability, accessibility, and brand consistency.
Policy on Content
Most material on the College’s web servers is produced by the Ithaca College community, but, except for designated pages, is neither approved nor verified by Ithaca College.
The College reserves the right to remove, without notice, any content that it determines, at its sole discretion, violates College policies, practices, or state or federal laws, or that it determines is otherwise inappropriate. The director of enterprise application services, in consultation with the appropriate vice president, is responsible for facilitating this process.
The PCM is responsible for ensuring that information on the College’s web servers complies with the following standards:
- Must be suitable for distribution to and interaction with both the campus community and the rest of the world.
- Some examples of suitable material are
- Calendars or announcements of upcoming events
- Descriptions of services and programs offered
- News of achievements or programmatic changes
- College policies specific to individual units
- Some examples of material that would be considered inappropriate are
- Commercial advertisements, endorsements, or logos except when used to recognize sponsorship, further the academic mission of the College, or promote a College business service offering
- Material that is illegal
- Private/compliant and protected information (i.e. confidential information). Examples include Social Security numbers, class lists, birth dates, credit card information.
- Disclosing information about a student who has filed a request with the college to have his or her directory information withheld.
- Materials should be checked for accuracy and should be updated regularly.
- The use of copyrighted material must comply with the College’s Copyright Policy and Guidelines (/policies/vol2/volume_2-232/).
- Pages should be designed to avoid confusion or duplication with official pages.
- Every department or other officially recognized College organization's home page must contain
- A link to the Ithaca College home page
- The words "Ithaca College" to help identify the page as part of the overall Ithaca College site
Policy on Information Security
Ithaca College web services are accessible via the global Internet. Private/compliant and protected (i.e. confidential) information should not be posted unless appropriate security restrictions are enabled.
To ensure the security of our systems and services, ITS may restrict the types of services and tools available to campus web developers. Where possible, the campus community will be required to utilize one of the content management systems to maintain their sites.
Only members of the campus community, faculty retirees, alumni, and third-party web developers approved by ITS will be given access to our systems for the purpose of content creation or management. The College reserves the right to remove, without notice, any programs, code, or sites that, at its sole discretion, may present security or performance risks.
Website Protocol
All College websites are for non-commercial individual use related to the educational mission of the College by the campus community, faculty retirees, and alumni and for approved College business activities. In addition, web content providers must abide by all College policies, including, but not limited to, the Ithaca College All-College Computer and Network Use Policy.
Individual Sites
Examples:
- Faculty – Faculty Profile
- Staff – Staff Profile
- Student – ePortfolio
- Alumni – Alumni ePortfolio
Individual sites will be removed as follows:
- Faculty & Staff Profiles – upon last day of employment with the college. Faculty profiles for Ithaca College faculty retirees may remain indefinitely.
- Student ePortfolios – 90 days after a student graduates. Upon graduation a student can choose to have their eportfolio converted to an alumni eportfolio.
- Student Web Space – Upon graduation or departure from the College.
- Alumni ePortfolio – May remain indefinitely, provided the individual renews it annually.
Note: In cases of involuntary separation, the College reserves the right to terminate accounts immediately.
Departmental / Organizational Sites
These sites are to be used to provide a web presence for an officially recognized Ithaca College department, organization, office, school, division, or program. The creation of these sites and designation of a primary content manager requires the approval of the head of the organization (e.g., director, dean, VP) being represented, and in the case of a student organization, the additional approval of the Office of Student Engagement and Multicultural Affairs (OSEMA). Accounts for student organizations must be renewed each academic year.
Examples:
- Academic Department Profiles
- Schools and Division Sites and Profiles
- Administrative Office Sites and Profiles
- Special Program Sites and Profiles
- Student Organization Profiles
Course Sites
The College’s official learning management system is Sakai. Any instructor can create a course site in Sakai.
In addition, information providers must abide by all other Ithaca College policies and procedures.
2.10.3 Wireless Network Policy
1. Purpose
The purpose of this policy is to secure and protect the information assets owned by Ithaca College. Ithaca College provides computer devices, networks, and other electronic information systems to meet its mission, goals, and objectives. Ithaca College grants access to these resources according to an individual’s role and must manage them responsibly to maintain the confidentiality, integrity, and availability of all information assets.
This policy specifies the conditions that wireless infrastructure devices must satisfy in order to connect to the Ithaca College network. Only those wireless infrastructure devices that meet the standards specified in this policy or are granted an exception by Information Technology Services are approved for connection to the Ithaca College network.
2. Scope
This policy addresses the requirements of Wireless deployments, Wireless usage, and Wireless airspace usage. All employees, students, contractors, consultants, temporary workers, and others who use the Ithaca College network, including all personnel affiliated with third parties that maintain a wireless infrastructure device on behalf of Ithaca College, must adhere to this policy. This policy applies to all wireless infrastructure devices that connect to the Ithaca College network or reside at an Ithaca College owned, leased or rented site that provide wireless connectivity to endpoint devices including, but not limited to, laptops, desktops, cellular phones, and personal digital assistants (PDAs). This includes any form of wireless communication device capable of transmitting packet data.
3. Policy
- Wireless Deployments
Standards supported:
- IEEE 802.11n is the preferred wireless networking standard. 802.11g, 802.11b, and 802.11a will be available, where necessary.
- IEEE 802.1X is the authentication standard. Additional security procedures may be applied as needed.
- WPA2 with AES encryption will be the only secure standard used.
Service Set Identifier (SSID)
There shall be two SSIDs broadcast by the wireless deployment.
- ICAirnet – For visitor Internet access and access to installation instructions and tools needed to access ICAirnet-Secure (see below).
- ICAirnet-Secure – For roles-based access to the network. Only devices authenticated via Ithaca College account credentials may access this SSID.
Wireless Service Considerations
- Wireless networking has bandwidth limitations compared to the wired network. The wireless network should be viewed as augmenting the wired network, to provide more flexible network use. Applications that require large amounts of bandwidth, or are sensitive to changes in signal quality and strength may not be appropriate for wireless access.
- Wireless technology is and will for the foreseeable future be a shared bandwidth technology. Some protocols and services will not effectively work in, or may be inappropriate for, a wireless environment.
Wireless IP Addresses
- DHCP is the standard addressing method for the IC wireless networks, and is expected to meet the majority of customer requirements.
- Wireless is a dynamic service. Due to the dynamic nature of wireless, IP space serving the campus will change over time due to capacity re-engineering.
Restrictions
- Ithaca College policy requires that all deployments of wireless infrastructure be installed and maintained by ITS. Installing departmental or do-it-yourself wireless access points is prohibited to avoid possible interference with the IC wireless network, unnecessary impact to the wired network and to minimize undue security risks to the College. Additionally, in areas where centrally-managed wireless networking is available any pre-existing locally managed access points must be removed.
- Use of the wireless network is subject to the established policies for use of IC campus network services. (e.g. All College Computer and Network Use Policy)
- Only devices authenticated via Ithaca College account credentials may access network resources on the IC network that are not Internet facing.
- Unauthenticated visitors will be able to access only the Internet by accepting the policy restrictions on usage and providing their email address.
-
Wireless Usage
Authenticated Access
Role-based access to the network shall be established using the user’s Ithaca College account credentials. All data transactions shall be encrypted and secured by the protocols listed in the Supported Standards section above. Services allowed through the wireless network should be substantially identical to those for wired access. Role based users will be limited to those same services they are permitted to access via wired network controls.
Visitors
Visitors shall have free access to the Internet only. They shall be limited to only those TCP/IP protocols listed in Table 1. In general, standard Web access, Secure Shell access, Instant Messenger access, email access, sending email via secure methods, and Remote VPN access are permitted by these protocols.
| Source | Destination | Service | Action |
| Guest Wireless VLAN | All | HTTP | allow |
| Guest Wireless VLAN | All | HTTPS | allow |
| Guest Wireless VLAN | All | SSH | allow |
| Guest Wireless VLAN | All | AIM/5190/TCP | allow |
| Guest Wireless VLAN | All | YAHOO/5050/TCP | allow |
| Guest Wireless VLAN | All | MSN/1863/TCP | allow |
| Guest Wireless VLAN | All | Google Chat/443/TCP | allow |
| Guest Wireless VLAN | All | iChat/5190, 5298/TCP | allow |
| Guest Wireless VLAN | All | POP | allow |
| Guest Wireless VLAN | All | IMAPS | allow |
| Guest Wireless VLAN | All | IMAP | allow |
| Guest Wireless VLAN | All | SMTPS | allow |
| Guest Wireless VLAN | All | All ports needed for PPTP | allow |
| Guest Wireless VLAN | All | All ports needed for IPSEC | allow |
| Guest Wireless VLAN | All | All | drop |
Table 1
Device support
All supported PDAs and Laptops shall be able to, at a minimum, access the Internet through the Visitor role.
- Wireless Airspace
To provide wireless access, the radio frequency airspace of the campus serves as the transport medium for this technology. Wireless networks operate on the campus shared and finite airspace spectrum.
Therefore, Information Technology Services (ITS) will regulate and manage this airspace centrally to ensure its fair and efficient allocation and to prevent collision, interference, unauthorized intrusion and failure. In addition, central management will facilitate the adoption of new features. Persons using wireless devices to connect to the College network must be aware of this, and comply with this policy and any other related policies.
ITS will approach the shared use of the wireless radio frequencies in the same way that it manages the shared use of the wired network. Specific issues pertaining to wireless network devices are outlined below:
- All access points will be installed and configured in such a way as to comply with all security features of the wireless network, including restrictions to provide connections only to those users who are entitled to access.
- The College reserves the right to remove, disconnect or electronically limit any access point not installed and configured by ITS personnel or specifically covered by prior written agreement and/or arrangement with ITS.
- Other devices such as portable phones, and wireless devices using "Bluetooth" (a competing wireless technology), that broadcast and receive information on the same frequency as wireless Ethernet devices may cause interference with wireless network operation. If disruptions in wireless service are reported, ITS will investigate and may remove any devices it deems to be interfering with proper network operation. In those cases where the use of other wireless devices in furtherance of the College mission are found to interfere with campus wireless network operation, ITS will take the lead in negotiating a solution that is mutually agreeable to all parties.
- Only users affiliated with Ithaca College are authorized to use wireless networking on campus. To help protect these affiliated users from unauthorized access to their computer resources, ITS may implement data encryption and authentication security measures that must be followed by all users. These measures require the use of specific wireless LAN product types and are designed to meet emerging wireless encryption and security standards.
4. References
SANS (SysAdmin, Audit, Network, Security) Institute “Wireless Communication Policy” URL: http://www.sans.org/resources/policies/Wireless_Communication_Policy.pdf
Villanova University “Wireless Policy” URL: http://www.villanova.edu/unit/policies/wireless.htm
University of Massachusetts Amherst “Wireless Airspace Policy” URL: http://www.oit.umass.edu/policies/wireless.html
University of Washington “UW Wireless Policy“ URL: http://www.washington.edu/computing/wireless/policy.html
Cornell University “RedRover-Guest Wireless” URL: http://www.cit.cornell.edu/redrover/guest.html
Last Updated: April 25, 2013