Policy

Middlesex County College provides computing resources, services and facilities to support instruction, administration, and other mission-related activities. The use of these resources is a privilege extended to students, faculty, staff, community members, and affiliates of the College.  Users of these resources, whether affiliated with the College or not, must comply with all College policies and are responsible for behaving in an ethical, legal, secure, and non-disruptive manner.

The College has implemented Acceptable Use Guidelines to assure that technology infrastructure and all related computing resources remain safe, secure, robust, and in compliance with applicable state and federal laws.

This policy is supplemented by and implemented by Procedure No. 3.16.0.

Procedure

Last revised on September 11, 2019

Purpose

This procedure provides acceptable use guidelines that supplement and implement Board Policy No. 3.16.0 for the Acceptable Use of Computer Network, Resources and Facilities.

Scope

This procedure applies to all users of computing resources owned or managed by Middlesex County College, whether affiliated with the College or not. Users include, but are not limited to, students, faculty, staff, community members, volunteers, guests, contractors, and any organizations accessing services using College computing resources and facilities.  Access to the College’s information technology resources is a privilege that requires each member to act responsibly and guard against abuses.  Therefore, both the community as a whole and each individual user have an obligation to abide by the following standards of acceptable use.

The term “computing resources” means all forms of computer-related equipment, technology infrastructure, services, tools, and information resources.  These include, but are not limited to, computer systems, wired and wireless networks, applications and databases, Internet access, and online services.

User Responsibilities

As a user of College computing resources, understand that uses of computing resources may not always be completely private. Take precautions to protect your data and institutional data by securing your accounts, login credentials, and by adopting secure methods of authentication and authorization.

Be considerate. Respect the finite capacity of College computing resources. Limit the use to the extent needed for authorized activities, so as not to consume an unreasonable amount of those resources or to interfere unreasonably with the activity of other users.

Be ethical and lawful. Abide by all federal, state, and other applicable law; all College rules and policies; and all applicable contracts and licenses.
Be responsible for the computing resources assigned to you. Protect and secure them.

Acceptable Use

• You may not use another individual’s account nor attempt to discover other users’ login credentials.
• You may not permit anyone to use your College accounts for any reason.
• You are responsible for the appropriate use of all computing resources assigned to you including computers, software, application and database access, and mobile devices.
• You may only use those computing resources you are authorized to use, and use them only in the manner and to the extent authorized.
• You may not use computing resources to post, view, print, store, or send obscene, pornographic, sexually explicit, dangerous threats, hoax messages, and libelous, harassing, or offensive material.
• You may not use computing resources for advertising, commercial purposes or personal financial or other gain.
• Personal use of computing resources by College personnel that detracts from their assigned duties, interferes with administrative or academic use of computing resources, or is in violation of managerial or supervisory policy or procedure is prohibited.
• You may not monopolize computing resources or interfere with others' use of shared computing resources.
• You must comply with the law with respect to the rights of copyright owners in the use, distribution, or reproduction of copyrighted materials.
• You must honor all software licensing agreements and end user licensing agreements.
• You may not gain (or attempt to gain) unauthorized access to computing resources nor enable others to do so.
• You may not seek to install or modify computing hardware, software or systems owned by the College except to the extent permitted by your job duties (College personnel) or within the confines of approved course work and approved use of students’ systems (students).
• You may not misrepresent your identity in any electronic communications.
• You may not store College information classified as Restricted or Confidential on systems or online services that are not approved or owned by the College.

State and Federal Laws

Applicable state and federal laws and College policies must be followed.

Violations include but are not limited to:

• Failure to respect the copyrights and intellectual property rights of others.
• Making more copies of licensed software than the license allows.
• Downloading, using or distributing illegally obtained media (e.g., software, music, movies).
• Uploading, downloading, distributing or possessing child pornography.
• Accessing, storing or transmitting information classified as Restricted data (e.g., social security numbers, driver’s license numbers, credit card numbers) without a valid business or academic reason or transmitting such information without using appropriate security protocols (e.g., encryption).
• Using third party email services (e.g. Gmail, Yahoo) or non-encrypted email services to transmit College information classified as Restricted.
• Forwarding or auto-forwarding Restricted information to a non-Middlesex County College email service.
• Using third party cloud storage, data sharing, or media tools (e.g. iCloud, Carbonite, Dropbox, Facebook, and YouTube) to store, share or communicate College information classified as Restricted.

Privacy

The college recognizes that all members of the College community have an expectation of privacy for information in which they have a substantial personal interest.  However, this expectation is limited by the College’s need to obey applicable laws, protect the integrity of its resources, and protect the rights of all users and the property and operations of the College.  The College reserves the right to examine material stored on or transmitted through its information technology facilities if there is reason to believe that the standards for acceptable use in this policy are being violated, or if there is reason to believe that the law or College policy are being violated, or if there is reason to believe there is an information security threat, or if required to carry on its necessary operations.  Reasonable efforts will be made to notify the user of the need for access to information in which he or she has a substantial personal interest stored on or transmitted through the College’s information technology resources unless prohibited by law, inconsistent with College policy, or inconsistent with the College carrying out its normal operations.  For example, information stored on the College’s information technology system may be accessed by the College under certain circumstances, including but not limited to:

1. Access by College technicians and system administrators to electronic records in order to address emergency problems, routine system maintenance, or other uses related to the integrity, security and availability of the College’s information technology systems.
2. Information requested pursuant to New Jersey Open Public Records Act which requires disclosure of electronic communication and other data on the College system subject to the exemptions within that Act.  Such access is approved through the College Custodian of Records and all reasonable efforts are made to notify the user in question prior to the release of such information.
3. Information required to comply with a valid subpoena, a court order or e-discovery.  Such access is approved by General Counsel.
4. Audits and investigations undertaken by governmental entities or by College auditors.
5. The need of the College to carry on its normal operations (e.g., in the case of accessing the electronic records of a deceased, incapacitated or unavailable individual).

Violations

1. Violators of this policy are subject to suspension or termination of system privileges and disciplinary action up to and including termination of employment.
2. If a suspected violation involves a student, a judicial referral may be made to the appropriate Dean.  Incidents reported to the Dean will be handled through the College’s Code of Student Conduct.
3. It is a violation of this policy to unnecessarily delay acting on a directive to take corrective action to secure data or electronic credentials.