Information Technology Policy

Overview  This policy provides guidelines for appropriate and accepted use of Mid-Atlantic Christian University’s network and computer systems.  Users of the University’s information systems must adhere to University, State, and Federal guidelines with respect to copyrights and licenses, as well as, respect the University’s information security guidelines and obey the guidelines of accepted use detailed in this Information Technology Policy. 

Purpose Mid-Atlantic Christian University’s networking and computing resources have been designed to facilitate teaching and learning.  To facilitate these goals, end users are required to interact with the University’s networking infrastructure and computing systems.  As a consequence of this interaction, it is necessary to provide appropriate usage guidelines.  Mid-Atlantic Christian University’s Network Policy codifies appropriate guidelines with respect to privacy, copyright, acceptable use, and relevant Federal regulations. 

Scope This policy applies to all interactions with the University network—staff, faculty, students, guest, and other temporary users of the University  network are included.  This policy governs all network devices, cell phones, personal computers, university-owned computers, the University website, email, and all associated software that interacts with the university network.

 

Definitions     

DoE United States Department of Education -- ED.gov

Directory Information Directory information is generally not considered harmful if released.  Directory information consist of records that can be shared without a student's permission.  Includes: Name, Address (physical and email), phone number, classification (e.g. freshmen), Major, student activities, dates of attendance, enrollment status (full-time, part-time, or not enrolled), date of graduation, degrees, awards and height/weight (athletics).  Students can block the release of this information by contacting the University Registrar's Office. 

Education/Educational Records Education records include all physical and electronic records that are directly related to a current or formerly enrolled student at Mid-Atlantic Christian University.  Education records include:  admission records, grades, the majority of coursework, financial records, disciplinary records, and other identifying information including race, gender, nationality, ethnicity, and photographs.  Education records do not include information made by University staff and faculty for their personal use. 

FERPA The Family Educational Rights and Privacy Act governs the privacy of student records.  http://www2.ed.gov/policy/gen/guid/fpco/ferpa/index.html 

LAN Local Area Network

OIT Office of Information Technology. 

WLAN Wireless Local Area Network

Policies

 

1.         Acceptable Usage of University Information Technology Resources

 Access to the internet and OIT networking and software resources is a privilege.  All users must respect other users and respect all pertinent license, contractual agreements, copyright regulations, and FERPA/DoE regulations.  Free access to the network may be revoked at any time for abusive conduct and policy violations.

You will be assigned a user name and password via written correspondence.  When you enter the University network, you leave your privacy at the door.  Your internet activity is public information and you should appropriate your activity accordingly.  Your email can be read by people other than the party for which it was intended. Internet traffic can be monitored by people outside of the MACU network.  Therefore, do not abuse Mid-Atlantic Christian University's good name to access questionable web content.  The owner of the computer will be held responsible for whoever uses his or her computer.  Using your computer privileges for hacking someone else's computer is a criminal offense.

1.1       Responsible use of the University computer and network resources requires that        you: 

1.2       Expectation of Privacy

University network users should have no expectation of privacy when transmiting information across the University network.  The University will comply with FERPA regulations, copyright laws, and personal privacy laws. 

1.3       Personal Use

Users are provided with access to University OIT resources for personal use.  Users have no expectation of privacy and should adhere to the following University regulations:

1.4       Guest Usage

Guest usage of the University network and any University-owned OIT system requires special permission from the systems administrator and (when applicable) payment of fees to the University and to the appropriate software vendors. 

1.5       Theft and Vandalism

Theft and vandalism of OIT networking and computing resources is handled by the appropriate authorities.  MACU OIT pursues and supports criminal prosecution of individuals suspected of theft and/or vandalism.

1.6       Games

Games not related to the educational and institutional objectives are prohibited on any University-owned computers.

1.7       Cracking Passwords and Phishing

Any attempt to crack or otherwise obtain passwords is prohibited.  Storing or transferring encrypted or unencrypted password information is prohibited.  Writing, transferring, compiling, storing, or running programs designed to guess passwords or otherwise gain unauthorized access to user or system accounts or passwords is prohibited.

1.8       Misuse of Accounts

A username is assigned to an individual and potentially entitles the user access to sensitive information.  Account sharing is prohibited.  Your account is your user identification when accessing computing resources.  Each user is ultimately responsible for the actions of his or her account.   Any attempt to impersonate another user or conceal your identity when sending email, using social media, or internet forums/message boards is prohibited.

If you determine that your account has been compromised or accessed without your permissions, contact OIT immediately at itsupport@macuniversity.edu and notify your department head.

1.9       Unauthorized Access and Modification of User Files

Unauthorized access to information contained in a user's OIT-maintained directory space is prohibited even if the files are readable and/or writable.

Modifying files anywhere on a OIT-managed device or directory without consent of the file's owner is prohibited.  This includes writing or modifying files which have file permissions set to allow modification or writing.  This also includes creating new files, renaming, or deleting existing files in directories which may have directory permissions set to allow creation or modification of files.

1.10     Disrupting or Degrading Service

Disrupting or degrading a network service is prohibited. The following is a short list of some methods of causing disruption or degradation of service:

1.11     Personal Computers and Devices

Students, staff, and faculty are responsible for any data that passes through their personal computer and other devices.  

1.11.1  Anti-Virus

Staff, faculty, and students are required to have anti-virus software installed and up-to-date on any computer used to access the MACU network.

All university-owned computers will be provisioned with ESET NOD4 anti-virus.  If you have any issues with ESET, contact OIT at itsupport@macuniversity.edu

Students are ultimately responsible for the installation and upkeep of their chosen anti-virus.  However, OIT is available to deal with issues relating to anti-virus programs.  If a determination is made by OIT that an individual’s computer is infecting and continues to re-infect the network with a computer virus or excessive network traffic, network access from the infected computer may be suspended until the computer is certified to be free of computer viruses.

MACU OIT recommends Microsoft Security Essentials for all Windows-based computers and we recommend Sophos for MACs.

1.11.2  Spyware

Spyware on your computer is a personal responsibility and you must be pro-active in keeping your computer clean. There are good, free tools available that can remove spyware. MACU OIT recommends:

1.12     Web Filtering

Mid-Atlantic Christian University uses OpenDNS to restrict access to websites that do not  reinforce MACU's vision, institutional objectives, and policies.  Contact OIT at itsupport@macuniversity.edu with questions about web filtering.

 

2.         University Email Policy

Email is considered an official method for communication at Mid-Atlantic Christian University. Official email communications are intended to meet the academic and administrative needs of the university.  The university has the right to expect that such communications will be received and read in a timely fashion.  To enable this process, the college ensures that all students can be accessed through a standardized, university issued email account.

2.1       FERPA and Email

University email is an official form of communication for Mid-Atlantic Christian University.  Because of the University email's position as an official correspondence,  directory and non-directory information should not be shared via any non-University email address.  Email communication between staff/faculty and students should only take place via official University assigned email addresses.  Non-directory information should be shared via University or non-University email addresses.  The transmission of final grades via email is a violation of FERPA.  If an email is sent to a third party and the email is also sent to student, the student's email address should be placed in the blind carbon copy (Bcc) field.  Student email addresses should only be shared with the permission of the student.

Contact the Registrar's Office for more information about FERPA regulations.

2.2       Assignment of Staff and Faculty Email Addresses

Faculty email addresses are assigned at the request of the Office of Academic Affairs.

Staff email addresses are assigned at the request from the associated department.  Staff and faculty will have an assigned password which will be distributed via written correspondence. 

Department and group email addresses can be requested, but they are assigned at the discretion of OIT. 

2.3       Assignment of Student Email Addresses

Each student, upon enrolling, is issued an email account with an address on the macuniversity.edu domain.  The email account created by the University is the official email address to which the university will send electronic communications.  Students will be notified with their account information via written communication.

2.4       Accessing Email via Google Apps for Education @ MACU

Information about Google Apps for Education, MACUapps, Gmail, and all other information related to Google is freely available on the official MACUapps webpage:  google.macuniversity.edu

Login credentials adhere to the following format:

            Username:   firstname.lastname
            Password:  (listed in your welcome packet/provided by OIT)

Users can access the main Google Apps directly by navigating to: gmail.macuniversity.edu, calendar.macuniversity.edu, drive.macuniversity.edu, sites.macuniversity.edu    

2.5       Mobile Access/Alternative Access

Google Apps for Education/Gmail support IMAP/POP3 forwarding to phones and third-party email clients.  Individual guides for all major phone operating systems can be found at : http://google.macuniversity.edu/getting-started .

2.6       Redirecting Email

Students may elect to redirect messages sent to their Mid-Atlantic Christian University email address.  Students who redirect email from their official address to another address (Hotmail, Yahoo, AOL, etc.) do so at their own risk.  Having email lost as a result of redirection does not absolve students from their responsibilities associated with communications sent to their official email address. 

2.7       Expectations Regarding Student Use of Email

Students are expected to check their Mid-Atlantic Christian University official email on a frequent and consistent basis in order to remain informed of school-related communications.  

Students are responsible for the consequences of not reading University-related communications sent to their official University email account.  Students have the responsibility to recognize that certain communications may be time-critical.

2.7.1    Educational Uses of Email

Instructors may set policies defining how students use email in their class, including requiring students to check their email on a regular basis.  University staff, faculty, and students cannot use personal email accounts for University business.   

2.8       Distribution List Access and Usage

Distribution lists are available for staff and faculty; students are prohibited from accessing University distribution list directly.  Distribution lists are for University-related use only.

2.9       Mass Mailing

Unauthorized mass mailings are prohibited and may result in the immediate loss of network access. 

2.10     Acceptable Usage of University Email

University email may not be used in the following ways:

2.11     Deletion of Student Email Accounts

Student accounts are deactivated on the last day of drop-add of the first semester that a student is not registered. When an account is deactivated, no one will be able to log in with that account information or have access to files stored under it. Accounts are deleted one year after account deactivation.            

2.12     Retention of Email for Alumni

Beginning in the Spring of 2012, students that graduate from Mid-Atlantic Christian University will have the option of keeping their @macuniversity.edu email address.  Accounts for alumni that remain inactive for a period of one year will be removed--all emails, documents, calendars, and contacts associated with the account will be deleted.  

2.13     Deletion and Retention of Staff and Faculty Email Accounts

Staff and faculty email accounts are disabled when an employee leaves the University.  Staff and faculty email is archived for a period of at least three years after the last official University-related interaction.

 

3          Institutional Data Integrity and Management

3.1       Network Drive Management

Each department is assigned a network drive.  Departments and employees are expected to save all school related files to appropriate network drives and maintain the structured integrity of each drive.  Do not save files in the root directly of each network drive; make an appropriate folder, and if needed, make a permission request through OIT.  All permission and mapping requests should be made through OIT.  Upon request the “Staff” drive can be used as a repository for departments to interact.  Request for interdepartmental drives should be made through OIT.

All personal files should be saved to “H:” drives and not on your local computer.  If you do not have an “H:” drive, make a request through OIT.

All network drives are backed up nightly; files saved to local machines are not backed up. 

3.2       Student Information

Under FERPA, University staff and faculty are designated as University officials and are required to adhere to FERPA confidentiality regulations.  University officials are not permitted to disclose non-directory (educational records) information about a student with any outside personnel without legitimate educational interest and written consent by the student.  Only staff and faculty with legitimate educational interest have the right to view a student's academic records.

Faculty and staff need to protect their University assigned usernames and password to limit unauthorized access to restricted academic records.  Faculty and staff are required to lock their computers when they leave and to not leave a computer with access to protected information unattended. 

In the event that a document that contains protected student educational records transported  on a flash-drive, the flash must be password protected.  Protected student data should not be shared via Google Drive or Google Docs.

3.2.1    Student Information--Printing        

Documents that contain non-directory information and educational records of students (e.g. student IDs, class rosters, grade information) should not be left on printers.  Documents that contain protected student information that are printed and unwanted should be destroyed.

3.2.2    Theft of Student Data

Offices, departments, staff, or faculty that experience the loss, theft, or inappropriate disclosure of student education records information are responsible for notifying the police, the individual students, and  the University Registrar’s Office.  (Ref.  Family Educational Rights and Privacy Act of 1974 (also referred to as the Buckley Amendment or FERPA), 20 United States Code § 1232g, as amended) 

3.3       Copyrights

Mid-Atlantic Christian University does not condone unauthorized copying of copyrighted material.  Staff, Faculty, and Students are expected to adhere to the rights granted to copyright owners under Section 106 of the Copyright Act (Title 17.)

The Digital Millennium Copyright Act establishes the liability for infringement of copyright laws by users of computing resources at institutions of higher education.

More information can be found at:  the official Mid-Atlantic Christian University copyright information site http://www.macuniversity.edu/technology/support-and-guides/copyright-and-p2p Additional information can also be found at http://www.copyright.gov/ and http://www.copyright.gov/help/faq/

 

4          University-networking and Computing Resources

4.1       Wireless Network Availability

MACU-Students WLAN is available in the following locations:

4.1.1    Technology, Installation, and Management

Only the IEEE 802.11g and/or 802.11n standard for WLANs will be supported. 

MACU OIT is solely responsible for the installation and management of wireless equipment. Faculty, staff and students may not install or operate personal WLAN Access  Points or Routers (wired or wireless.)

The MACU-Students 802.11g/n WLANs operate in the unlicensed 2.4 GHz and 5 GHz ranges and conform to the IEEE 802.11 DSSS (Direct Sequence Spread Spectrum) specification.  Devices that interfere with the wireless network may be subject to restriction or removal.

All IP addresses for the MACU-Students WLAN will be assigned by DHCP.  Students, staff, and faculty are not assigned static IP address.

Wireless network cards, adapters, and network cables are not provided by the University.

4.1.2    Security and Access

Authentication is required to access the MACU-Students WLAN.  Access instructions are distributed by MACU OIT.

The security level of the WLAN is less than that of the land-based lines.  Data sent over WIFI can be easily snooped.  It is highly recommended that any activity that requires the transmission of sensitive data (e.g. online banking) be conducted over a wired connection. 

Acceptable usage of the MACU-Students WLAN is documented in the Acceptable Usage of University Computers and Network.

Direct all issues related to the MACU-Students WLAN to MACU OIT at:  itsupport@macuniversity.edu. 

4.2       Provisioning of Information Technology Equipment 

4.2.1    Information Technology Environment

Mid-Atlantic Christian University is primarily a Windows-based environment. 

Mid-Atlantic Christian University does not maintain a BYOD environment.  Staff and faculty are required to use OIT-provided networking and computing resources. 

4.2.2    Provisioning of Staff and Faculty Computers

Staff and faculty should make an appropriate request for information technology resources through their department vice president.  Staff and faculty have the option of using a University-owned desktop or laptop. 

4.2.3    Provisioning of Student Computers

Student computers are not provided by the University.  Students are expected to provide for their personal computing needs.

 

5.         Student Computer Labs 

5.1       General Usage

Altering the hardware/peripheral setup of lab computers is prohibited.  Altering operating system and software settings on lab computers is prohibited.

The student computer labs are equipped with computers primarily for the academic work of our students.  Those wishing to use student computers for recreation are welcome to do so as long as other students are not disturbed, delayed or inconveniencedRecreational computer use is not allowed at times when students with academic work are waiting.

Any student working on a class assignment or student project has priority in the university computers labs.  Any student using a computer for recreational use (games, correspondence, social media, e-mail, etc…) is expected to relinquish their computer promptly in response to a request from another student.

Loud or disruptive behavior is not tolerated in the student computer labs.  Food and drink are not permitted in the computer labs.

The Heritage Hall Student Computer Lab is restricted to students by combination lock.  Circumventing this security measure by preventing the door to close in any way is against the MACU Information Technology Policy.

Contact MACU OIT at itsupport@macuniversity.edu to report lab issues.

5.1.1    Location of Computer Labs

There are two computer labs available to students:

5.1.2    Hours of Operation

The hours for the Student Computer Labs are posted on the Computer Lab webpage.

5.2       Saving Documents

Documents should not be saved to any lab computers.  Students should always save their work to their University-provisioned Google Drive or flash drive. Lab computers are wiped and re-imaged multiple times each day.  Any work saved to lab computers will be lost.  The University is not responsible for lost documents.  

5.3       Printing

Printers are available in both computer labs.  Printing is free in the Heritage Lab.  Printing the library is done on a cost-per-sheet basis.  Students should only print one copy of a document using the laser printers.  Students should make additional copies using a copier.  Students can make copies in the Library on a cost-per-sheet basis.

 

6          Disciplinary Action

Ultimate responsibility for proper use and misuse of any or all MACU technology lies with each individual user of the technology.  OIT, the University Disciplinary Committee,  or other individuals within the University may be empowered to temporarily suspend some or all privileges associated with the technology use in cases of misuse or threat to the integrity of all or part of the University's technological resources.  Alleged computer abuse or misuse of computing services by students, faculty, or staff will be referred to the appropriate Vice President.  Violators of University policies are subject to the normal disciplinary procedures of the University.

Illegal actions are subject to prosecution by local, state, or federal authorities.