By continuing to use this Network Device you will be accepting South Lanarkshire College’s
INTERNET, INTRANET AND EMAIL ACCESS – ACCEPTABLE USE POLICY
Introduction.
Access to Information Technology resources located within or operated by South Lanarkshire College (‘the College’) is provided for all staff and students and is granted subject to the procedures set out in this document and to College Regulations. Where IT resources are used to access computer networks, systems and data owned by another organisation, users are also subject to the acceptable use of equivalent policies of the organisation concerned, and users must satisfy themselves that they have the authority of the organisation for such activities.
The College reserves the right to deny access to IT resources and to cancel access privileges to IT resources at any time on reasonable grounds.
Where there is any dispute over right of access to or the acceptability of a proposed use of IT resources, the decision of the Principal shall be final.
This policy applies to all College IT assets (including any managed by third parties). The IT assets include IT hardware, software, communications networks and information which is processed or stored by them.
The policy is applicable to all College staff, students, contractors and consultants employed by the college and by any other persons who access College IT systems.
Purpose of the Policy
This is a statement of intent by the College for:
- Achieving a level of security which maintains the risks at a level which is acceptable for the College.
- Ensuring the Internet Security supports the needs of the College.
- Ensuring the consistency in approach to Internet security across the entire organisation.
Management Responsibility
- College managers are responsible for ensuring that risks to IT assets are considered and managed; and that their staff and students understand and accept their own responsibilities for IT security.
Individual Accountability
- Individuals are responsible for the care of IT assets in their control and are held to be fully responsible for their actions when using IT systems. Individuals shall only use the IT system for action for which they are authorised. Unauthorised access of any IT system may result in disciplinary action being taken in accordance with disciplinary procedures.
- In all cases of deliberate breaches of IT security, management may instigate disciplinary action against the offender(s) that may result in the termination of employment and prosecution where appropriate.
- Access to college IT systems and information shall be restricted to authorised personnel. Authorisation shall be granted for access only when there is a justifiable need for the conduct of College business.
- Monitoring facilities will be provided and procedures operated to ensure that breaches in IT security can be detected.
- The Internet and E-mail shall be accessed for College use.
- Access to the Internet/E-mail shall be through the College firewall. Dial-up access from within a College location is prohibited. Any exceptions must be approved by the MIS Manager and the equipment physically removed from the internal LAN. Where remote access is required this shall be via a secure authenticated method of dial-up to the network. Remote Internet E-mail will be accessed via GroupWise Remote Access facility.
- No defamatory material shall be sent to or stored on the Internet, Intranet or E-mail. Staff and students will be held personally responsible for such material if sent or stored deliberately.
- Where electronic correspondence is sent to another organisation, the sender representing the College, it shall be treated as if it were correspondence on College headed paper.
- No information or points of view shall be posted to a Newsgroup using a College Internet account except for college use and where authorised by line management. Senior Management must approve all press releases and other PR publications.
- Users must be aware that unsecured email may be read, tampered with and spoofed.
- No software packages shall be downloaded by staff and students unless it meets the following criteria:
- There is a college need for the software.
- The download has been approved by the department manager and the MIS Dept.
- The software is properly licensed
- Users will be held personally responsible for any infringement of copyright.
- Users shall take reasonable precautions to prevent a virus transferring to computer systems within the College. This includes scanning all email attachments and any files which are downloaded.
- Users shall only subscribe to mailing lists using their college internet account for college use and if authorised by the Department Manager, Head of Department or appropriate Lecturer.
- The internet account shall not be used for fraudulent purposes, nor used to breach another organisation’s security (‘Hacking’). All users must abide by the Acceptable Use policy and/or Terms and Conditions imposed by the operators of those networks and services. (refer to JANET Acceptable Use Policy http://www.ja.net/documents/publications/policy/aup.pdf ).
- The Internet account shall not be used for any illegal purpose, nor for accessing, receiving or transmitting any material deemed illegal, indecent, offensive or otherwise unacceptable under UK law or College policy.
- Users must be aware that use of Internet/E-mail service is audited. Unauthorised use may be a disciplinary offence.
- Users must keep passwords secret and must not disclose them to anyone. Passwords must not be sent over the Internet.
- Passwords must always be typed manually. Features which allow passwords to be automatically presented are prohibited.
- The College has the right to access and read all material generated using the IT Systems in cases where it has reasonable grounds to suspect misuse.
Legal Requirements
Use of the Internet/E-mail must comply with relevant legal requirements including:
- The Data Protection Act
- The Computer Misuse Act
- The Copyright Designs and Patents Act
- The Companies Act
- Regulation of Investigatory Powers Act
Email
Email is provided primarily for legitimate South Lanarkshire College business purposes.
Usage of Email for any other purpose is not permitted and can result in appropriate disciplinary actions.
Mail usage will be monitored with virus checking and mail sweeping for content on all messages received and sent. Any suspect mail message will be flagged for investigation to the mail administrator and will be passed to Human Resources and the appropriate manager for action.
Code of Conduct for the Use of Internet/Intranet and Email Facilities.
Overview
The internet is an electronic communications network that provides vast, diverse and unique resources. Email is a powerful tool designed to increase productivity and efficiency when properly used. The College reserves the right to monitor, review and intercept, access or disclose Email created on College property.
The operation of the Internet relies heavily on the proper conduct of users who must adhere to strict guidelines. If a user violates any of the acceptable use provisions outlined in this policy or any other related policy his/her access will be terminated and future access may be denied. Some violations will also constitute a criminal offence and may result in legal action. Actions in violation of the College’s policy will result in appropriate disciplinary action under the College disciplinary procedures. In some cases dismissal may result.
SUMMARY
The College will not be responsible for any use you might make of the College services, nor for any charges that you incur with any third party, except as documented within a separate written agreement.
You indemnify South Lanarkshire College against the effects of any misuse or any claims resulting from that misuse. South Lanarkshire College accepts no responsibility for loss of data, information in any form or other matters whatsoever which result from the use of the Internet, Intranet or E-mail systems.
South Lanarkshire College reserves the right to vary the Conditions of Use and acceptable use policy for the Internet, Intranet and E-mail service, and to change that service, at their sole discretion at any time and without prior notice. Any decision made by South Lanarkshire College in relation to the services provided, the Code of Conduct and the related policies shall be final.
Failure to comply with the above acceptable use policies and code of conduct will result in disciplinary action which may lead to dismissal.