Information Technology Policy
Overview This policy provides guidelines for appropriate and accepted use of Mid-Atlantic Christian University’s network and computer systems. Users of the University’s information systems must adhere to University, State, and Federal guidelines with respect to copyrights and licenses, as well as, respect the University’s information security guidelines and obey the guidelines of accepted use detailed in this Information Technology Policy.
Purpose Mid-Atlantic Christian University’s networking and computing resources have been designed to facilitate teaching and learning. To facilitate these goals, end users are required to interact with the University’s networking infrastructure and computing systems. As a consequence of this interaction, it is necessary to provide appropriate usage guidelines. Mid-Atlantic Christian University’s Network Policy codifies appropriate guidelines with respect to privacy, copyright, acceptable use, and relevant Federal regulations.
Scope This policy applies to all interactions with the University network—staff, faculty, students, guest, and other temporary users of the University network are included. This policy governs all network devices, cell phones, personal computers, university-owned computers, the University website, email, and all associated software that interacts with the university network.
DoE United States Department of Education -- ED.gov
Directory Information Directory information is generally not considered harmful if released. Directory information consist of records that can be shared without a student's permission. Includes: Name, Address (physical and email), phone number, classification (e.g. freshmen), Major, student activities, dates of attendance, enrollment status (full-time, part-time, or not enrolled), date of graduation, degrees, awards and height/weight (athletics). Students can block the release of this information by contacting the University Registrar's Office.
Education/Educational Records Education records include all physical and electronic records that are directly related to a current or formerly enrolled student at Mid-Atlantic Christian University. Education records include: admission records, grades, the majority of coursework, financial records, disciplinary records, and other identifying information including race, gender, nationality, ethnicity, and photographs. Education records do not include information made by University staff and faculty for their personal use.
FERPA The Family Educational Rights and Privacy Act governs the privacy of student records. http://www2.ed.gov/policy/gen/guid/fpco/ferpa/index.html
LAN Local Area Network
OIT Office of Information Technology.
WLAN Wireless Local Area Network
1. Acceptable Usage of University Information Technology Resources
Access to the internet and OIT networking and software resources is a privilege. All users must respect other users and respect all pertinent license, contractual agreements, copyright regulations, and FERPA/DoE regulations. Free access to the network may be revoked at any time for abusive conduct and policy violations.
You will be assigned a user name and password via written correspondence. When you enter the University network, you leave your privacy at the door. Your internet activity is public information and you should appropriate your activity accordingly. Your email can be read by people other than the party for which it was intended. Internet traffic can be monitored by people outside of the MACU network. Therefore, do not abuse Mid-Atlantic Christian University's good name to access questionable web content. The owner of the computer will be held responsible for whoever uses his or her computer. Using your computer privileges for hacking someone else's computer is a criminal offense.
1.1 Responsible use of the University computer and network resources requires that you:
- Respect the copyright and license provisions as they apply to all programs and data made available on University computing resources and the internet
- Respect the copyright of all materials with respect to their incorporation into papers/assignments, software, presentations, multimedia applications and Internet servers.
- Respect the rights of others by not tampering with their accounts, passwords, programs or data.
- Use only those computers, indentifying information, and passwords for which you are authorized and use them only for the purposes for which they are intended. Do not share your account information or password with others.
- Avoid overuse of the network or printing resources of the server processing power or disk storage.
- Preserve the privacy of personal or institutional data to which you may have access.
- Provide for the security of technology resources for which you are responsible. This includes, but is not limited to, adequate backups and virus protection software.
1.2 Expectation of Privacy
University network users should have no expectation of privacy when transmiting information across the University network. The University will comply with FERPA regulations, copyright laws, and personal privacy laws.
1.3 Personal Use
Users are provided with access to University OIT resources for personal use. Users have no expectation of privacy and should adhere to the following University regulations:
- Compliance with University, Local, State, and Federal guidelines in relation to student data
- Compliance with University, Local, State, and Federal copyright and trademark regulations
- Users cannot use University IT resources for commercial or personal profit.
- Users must adhere to University policies concerning Disrupting or Degrading Service
- Adherence to University licensing agreements
- Compliance with University policies concerning the Misuse of Accounts
- Compliance with University policies concerning the Unauthorized Access and Modification of User Files
- Compliance with University policies concerning the Misuse of Accounts
1.4 Guest Usage
Guest usage of the University network and any University-owned OIT system requires special permission from the systems administrator and (when applicable) payment of fees to the University and to the appropriate software vendors.
1.5 Theft and Vandalism
Theft and vandalism of OIT networking and computing resources is handled by the appropriate authorities. MACU OIT pursues and supports criminal prosecution of individuals suspected of theft and/or vandalism.
Games not related to the educational and institutional objectives are prohibited on any University-owned computers.
1.7 Cracking Passwords and Phishing
Any attempt to crack or otherwise obtain passwords is prohibited. Storing or transferring encrypted or unencrypted password information is prohibited. Writing, transferring, compiling, storing, or running programs designed to guess passwords or otherwise gain unauthorized access to user or system accounts or passwords is prohibited.
1.8 Misuse of Accounts
A username is assigned to an individual and potentially entitles the user access to sensitive information. Account sharing is prohibited. Your account is your user identification when accessing computing resources. Each user is ultimately responsible for the actions of his or her account. Any attempt to impersonate another user or conceal your identity when sending email, using social media, or internet forums/message boards is prohibited.
If you determine that your account has been compromised or accessed without your permissions, contact OIT immediately at email@example.com and notify your department head.
1.9 Unauthorized Access and Modification of User Files
Unauthorized access to information contained in a user's OIT-maintained directory space is prohibited even if the files are readable and/or writable.
Modifying files anywhere on a OIT-managed device or directory without consent of the file's owner is prohibited. This includes writing or modifying files which have file permissions set to allow modification or writing. This also includes creating new files, renaming, or deleting existing files in directories which may have directory permissions set to allow creation or modification of files.
1.10 Disrupting or Degrading Service
Disrupting or degrading a network service is prohibited. The following is a short list of some methods of causing disruption or degradation of service:
- Unplugging the network connection for a machine
- Modifying or reconfiguring a network device (AP, Switch, etc.)
- Modifying the hardware, operating system, or application software of a MACU OIT computer. The other users with whom you share the machine and the technicians on whom you rely for support expect to find it set up exactly the way they left it.
- Attempting to use more resources than the machine can handle (i.e., running a large number intensive applications)
- Excessive printing, using excessive disk space, or otherwise degrading system performance by monopolizing shared resources
- Sending excessive e-mail
1.11 Personal Computers and Devices
Students, staff, and faculty are responsible for any data that passes through their personal computer and other devices.
Staff, faculty, and students are required to have anti-virus software installed and up-to-date on any computer used to access the MACU network.
All university-owned computers will be provisioned with ESET NOD4 anti-virus. If you have any issues with ESET, contact OIT at firstname.lastname@example.org
Students are ultimately responsible for the installation and upkeep of their chosen anti-virus. However, OIT is available to deal with issues relating to anti-virus programs. If a determination is made by OIT that an individual’s computer is infecting and continues to re-infect the network with a computer virus or excessive network traffic, network access from the infected computer may be suspended until the computer is certified to be free of computer viruses.
MACU OIT recommends Microsoft Security Essentials for all Windows-based computers and we recommend Sophos for MACs.
Spyware on your computer is a personal responsibility and you must be pro-active in keeping your computer clean. There are good, free tools available that can remove spyware. MACU OIT recommends:
- Spybot: Search & Destroy
1.12 Web Filtering
Mid-Atlantic Christian University uses OpenDNS to restrict access to websites that do not reinforce MACU's vision, institutional objectives, and policies. Contact OIT at email@example.com with questions about web filtering.
2. University Email Policy
Email is considered an official method for communication at Mid-Atlantic Christian University. Official email communications are intended to meet the academic and administrative needs of the university. The university has the right to expect that such communications will be received and read in a timely fashion. To enable this process, the college ensures that all students can be accessed through a standardized, university issued email account.
2.1 FERPA and Email
University email is an official form of communication for Mid-Atlantic Christian University. Because of the University email's position as an official correspondence, directory and non-directory information should not be shared via any non-University email address. Email communication between staff/faculty and students should only take place via official University assigned email addresses. Non-directory information should be shared via University or non-University email addresses. The transmission of final grades via email is a violation of FERPA. If an email is sent to a third party and the email is also sent to student, the student's email address should be placed in the blind carbon copy (Bcc) field. Student email addresses should only be shared with the permission of the student.
Contact the Registrar's Office for more information about FERPA regulations.
2.2 Assignment of Staff and Faculty Email Addresses
Faculty email addresses are assigned at the request of the Office of Academic Affairs.
Staff email addresses are assigned at the request from the associated department. Staff and faculty will have an assigned password which will be distributed via written correspondence.
Department and group email addresses can be requested, but they are assigned at the discretion of OIT.
2.3 Assignment of Student Email Addresses
Each student, upon enrolling, is issued an email account with an address on the macuniversity.edu domain. The email account created by the University is the official email address to which the university will send electronic communications. Students will be notified with their account information via written communication.
2.4 Accessing Email via Google Apps for Education @ MACU
Information about Google Apps for Education, MACUapps, Gmail, and all other information related to Google is freely available on the official MACUapps webpage: google.macuniversity.edu
Login credentials adhere to the following format:
Password: (listed in your welcome packet/provided by OIT)
Users can access the main Google Apps directly by navigating to: gmail.macuniversity.edu, calendar.macuniversity.edu, drive.macuniversity.edu, sites.macuniversity.edu
2.5 Mobile Access/Alternative Access
Google Apps for Education/Gmail support IMAP/POP3 forwarding to phones and third-party email clients. Individual guides for all major phone operating systems can be found at : http://google.macuniversity.edu/getting-started .
2.6 Redirecting Email
Students may elect to redirect messages sent to their Mid-Atlantic Christian University email address. Students who redirect email from their official address to another address (Hotmail, Yahoo, AOL, etc.) do so at their own risk. Having email lost as a result of redirection does not absolve students from their responsibilities associated with communications sent to their official email address.
2.7 Expectations Regarding Student Use of Email
Students are expected to check their Mid-Atlantic Christian University official email on a frequent and consistent basis in order to remain informed of school-related communications.
Students are responsible for the consequences of not reading University-related communications sent to their official University email account. Students have the responsibility to recognize that certain communications may be time-critical.
2.7.1 Educational Uses of Email
Instructors may set policies defining how students use email in their class, including requiring students to check their email on a regular basis. University staff, faculty, and students cannot use personal email accounts for University business.
2.8 Distribution List Access and Usage
Distribution lists are available for staff and faculty; students are prohibited from accessing University distribution list directly. Distribution lists are for University-related use only.
2.9 Mass Mailing
Unauthorized mass mailings are prohibited and may result in the immediate loss of network access.
2.10 Acceptable Usage of University Email
University email may not be used in the following ways:
- Unlawful Activities
- Commercial purposes
- Personal financial gain
- False identity in email communications
- Misrepresentation of Mid-Atlantic Christian University
2.11 Deletion of Student Email Accounts
Student accounts are deactivated on the last day of drop-add of the first semester that a student is not registered. When an account is deactivated, no one will be able to log in with that account information or have access to files stored under it. Accounts are deleted one year after account deactivation.
2.12 Retention of Email for Alumni
Beginning in the Spring of 2012, students that graduate from Mid-Atlantic Christian University will have the option of keeping their @macuniversity.edu email address. Accounts for alumni that remain inactive for a period of one year will be removed--all emails, documents, calendars, and contacts associated with the account will be deleted.
2.13 Deletion and Retention of Staff and Faculty Email Accounts
Staff and faculty email accounts are disabled when an employee leaves the University. Staff and faculty email is archived for a period of at least three years after the last official University-related interaction.
3 Institutional Data Integrity and Management
3.1 Network Drive Management
Each department is assigned a network drive. Departments and employees are expected to save all school related files to appropriate network drives and maintain the structured integrity of each drive. Do not save files in the root directly of each network drive; make an appropriate folder, and if needed, make a permission request through OIT. All permission and mapping requests should be made through OIT. Upon request the “Staff” drive can be used as a repository for departments to interact. Request for interdepartmental drives should be made through OIT.
All personal files should be saved to “H:” drives and not on your local computer. If you do not have an “H:” drive, make a request through OIT.
All network drives are backed up nightly; files saved to local machines are not backed up.
3.2 Student Information
Under FERPA, University staff and faculty are designated as University officials and are required to adhere to FERPA confidentiality regulations. University officials are not permitted to disclose non-directory (educational records) information about a student with any outside personnel without legitimate educational interest and written consent by the student. Only staff and faculty with legitimate educational interest have the right to view a student's academic records.
Faculty and staff need to protect their University assigned usernames and password to limit unauthorized access to restricted academic records. Faculty and staff are required to lock their computers when they leave and to not leave a computer with access to protected information unattended.
In the event that a document that contains protected student educational records transported on a flash-drive, the flash must be password protected. Protected student data should not be shared via Google Drive or Google Docs.
3.2.1 Student Information--Printing
Documents that contain non-directory information and educational records of students (e.g. student IDs, class rosters, grade information) should not be left on printers. Documents that contain protected student information that are printed and unwanted should be destroyed.
3.2.2 Theft of Student Data
Offices, departments, staff, or faculty that experience the loss, theft, or inappropriate disclosure of student education records information are responsible for notifying the police, the individual students, and the University Registrar’s Office. (Ref. Family Educational Rights and Privacy Act of 1974 (also referred to as the Buckley Amendment or FERPA), 20 United States Code § 1232g, as amended)
Mid-Atlantic Christian University does not condone unauthorized copying of copyrighted material. Staff, Faculty, and Students are expected to adhere to the rights granted to copyright owners under Section 106 of the Copyright Act (Title 17.)
The Digital Millennium Copyright Act establishes the liability for infringement of copyright laws by users of computing resources at institutions of higher education.
More information can be found at: the official Mid-Atlantic Christian University copyright information site http://www.macuniversity.edu/technology/support-and-guides/copyright-and-p2p Additional information can also be found at http://www.copyright.gov/ and http://www.copyright.gov/help/faq/
4 University-networking and Computing Resources
4.1 Wireless Network Availability
MACU-Students WLAN is available in the following locations:
- Pearl A. Presley Hall
- Heritage Hall
- Student Life Center
- Albert C. Blanton III Campus Life Center
4.1.1 Technology, Installation, and Management
Only the IEEE 802.11g and/or 802.11n standard for WLANs will be supported.
MACU OIT is solely responsible for the installation and management of wireless equipment. Faculty, staff and students may not install or operate personal WLAN Access Points or Routers (wired or wireless.)
The MACU-Students 802.11g/n WLANs operate in the unlicensed 2.4 GHz and 5 GHz ranges and conform to the IEEE 802.11 DSSS (Direct Sequence Spread Spectrum) specification. Devices that interfere with the wireless network may be subject to restriction or removal.
All IP addresses for the MACU-Students WLAN will be assigned by DHCP. Students, staff, and faculty are not assigned static IP address.
Wireless network cards, adapters, and network cables are not provided by the University.
4.1.2 Security and Access
Authentication is required to access the MACU-Students WLAN. Access instructions are distributed by MACU OIT.
The security level of the WLAN is less than that of the land-based lines. Data sent over WIFI can be easily snooped. It is highly recommended that any activity that requires the transmission of sensitive data (e.g. online banking) be conducted over a wired connection.
Acceptable usage of the MACU-Students WLAN is documented in the Acceptable Usage of University Computers and Network.
Direct all issues related to the MACU-Students WLAN to MACU OIT at: firstname.lastname@example.org.
4.2 Provisioning of Information Technology Equipment
4.2.1 Information Technology Environment
Mid-Atlantic Christian University is primarily a Windows-based environment.
Mid-Atlantic Christian University does not maintain a BYOD environment. Staff and faculty are required to use OIT-provided networking and computing resources.
4.2.2 Provisioning of Staff and Faculty Computers
Staff and faculty should make an appropriate request for information technology resources through their department vice president. Staff and faculty have the option of using a University-owned desktop or laptop.
4.2.3 Provisioning of Student Computers
Student computers are not provided by the University. Students are expected to provide for their personal computing needs.
5. Student Computer Labs
5.1 General Usage
Altering the hardware/peripheral setup of lab computers is prohibited. Altering operating system and software settings on lab computers is prohibited.
The student computer labs are equipped with computers primarily for the academic work of our students. Those wishing to use student computers for recreation are welcome to do so as long as other students are not disturbed, delayed or inconvenienced. Recreational computer use is not allowed at times when students with academic work are waiting.
Any student working on a class assignment or student project has priority in the university computers labs. Any student using a computer for recreational use (games, correspondence, social media, e-mail, etc…) is expected to relinquish their computer promptly in response to a request from another student.
Loud or disruptive behavior is not tolerated in the student computer labs. Food and drink are not permitted in the computer labs.
The Heritage Hall Student Computer Lab is restricted to students by combination lock. Circumventing this security measure by preventing the door to close in any way is against the MACU Information Technology Policy.
Contact MACU OIT at email@example.com to report lab issues.
5.1.1 Location of Computer Labs
There are two computer labs available to students:
- Watson-Griffith Library Student Computer Lab
- Heritage Hall Student Computer Lab
5.1.2 Hours of Operation
The hours for the Student Computer Labs are posted on the Computer Lab webpage.
5.2 Saving Documents
Documents should not be saved to any lab computers. Students should always save their work to their University-provisioned Google Drive or flash drive. Lab computers are wiped and re-imaged multiple times each day. Any work saved to lab computers will be lost. The University is not responsible for lost documents.
Printers are available in both computer labs. Printing is free in the Heritage Lab. Printing the library is done on a cost-per-sheet basis. Students should only print one copy of a document using the laser printers. Students should make additional copies using a copier. Students can make copies in the Library on a cost-per-sheet basis.
6 Disciplinary Action
Ultimate responsibility for proper use and misuse of any or all MACU technology lies with each individual user of the technology. OIT, the University Disciplinary Committee, or other individuals within the University may be empowered to temporarily suspend some or all privileges associated with the technology use in cases of misuse or threat to the integrity of all or part of the University's technological resources. Alleged computer abuse or misuse of computing services by students, faculty, or staff will be referred to the appropriate Vice President. Violators of University policies are subject to the normal disciplinary procedures of the University.
Illegal actions are subject to prosecution by local, state, or federal authorities.