Date Last Revised: 3/26/2007
Category: Information Technology
Responsible Office: Office of the Chief Information Officer
Responsible Executive: Chief Information Officer
This policy establishes conditions of use and user responsibilities for UB’s computing and network resources. Included are definitions of abuse of computing resources and access to computing resources.
Access to modern information technology is essential to the state university mission of providing the students, faculty and staff of the State University of New York with educational services of the highest quality. The pursuit and achievement of the SUNY mission of education, research, and public service require that the privilege of the use of computing systems and software, internal and external data networks, as well as access to the World Wide Web, be made available to all members of the SUNY community. The preservation of that privilege for the full community requires that each faculty member, staff member, student, and other authorized user comply with institutional and external standards for appropriate use.
To assist and ensure such compliance, the University at Buffalo establishes the following policy, which supplements all applicable SUNY policies, including sexual harassment, patent and copyright, and student and employee disciplinary policies, as well as applicable federal and state laws.
a. Authorized use of computing and network resources owned or operated by the University at Buffalo shall be consistent with the education, research and public service mission of the State University of New York, and consistent with this policy.
b. Authorized users of University at Buffalo computing and network resources include faculty, staff, students, and other affiliated individuals or organizations authorized by the Provost or his designee. Use by non-affiliated institutions and organizations shall be in accordance with SUNY Administrative Procedures: Use of Computer Equipment or Services by Non-affiliated Institutions and Organizations.
c. This policy applies to all University at Buffalo computing and network resources, including host computer systems, University at Buffalo-sponsored computers and workstations, software, data sets, and communications networks controlled, administered, or accessed directly or indirectly by University at Buffalo computer resources or services, employees, or students.
d. The University at Buffalo reserves the right to limit access to its networks when applicable campus or university policies or codes, contractual obligations, or state or federal laws are violated, but does not monitor or generally restrict the content of material transported across those networks.
e. The University at Buffalo reserves the right to remove or limit access to material posted on university-owned computers when applicable campus or university policies or codes, contractual obligations, or state or federal laws are violated, but does not monitor the content of material posted on university-owned computers.
f. The University at Buffalo does not monitor or generally restrict material residing on University at Buffalo computers housed within a private domain or on non-University at Buffalo computers, whether or not such computers are attached to campus networks.
g. The University at Buffalo reserves the right, upon reasonable cause for suspicion, to access all aspects of its computing systems and networks, including individual login sessions to determine if a user is violating this policy or state or federal laws.
h. This policy may be supplemented with additional guidelines by campus units which operate their own computers or networks, provided such guidelines are consistent with this policy.
i. Incidental Use: As a convenience to the UB user community, limited incidental personal use of Information Resources is permitted. Faculty and staff are responsible for exercising good judgment about personal use in accordance with this and other IT policies, as well as with UB and SUNY policies and ethical standards for state officers and employees. In general, State officers and employees are charged to pursue a course of conduct that will not raise suspicion among the public that they are likely to be engaged in acts in violation of the public trust. Incidental personal use must comply with the following:
1. It cannot be illegal.
2. It cannot interfere with an UB employee's job responsibilities/work.
3. It cannot adversely affect the availability, integrity, or reliability of UB IT systems or cause harm to the activities of others using the IT systems.
4. It cannot be inconsistent with the University's status as a state entity and its non-profit, tax-exempt status.
a. Privacy: No user should view, copy, alter or destroy another's personal electronic files without permission (unless authorized or required to do so by law or regulation).
b. Copyright: Written permission from the copyright holder is required to duplicate any copyrighted material. This includes duplication of audio tapes, videotapes, photographs, illustrations, computer software, and all other information for educational use or any other purpose. Most software that resides on University at Buffalo computing network(s) is owned by the University, University at Buffalo, or third parties, and is protected by copyright and other laws, together with licenses and other contractual agreements. Users are required to respect and abide by the terms and conditions of software use and redistribution licenses. Such restrictions may include prohibitions against copying programs or data for use on University at Buffalo computing network(s) or for distribution outside the University; against the resale of data or programs, or the use of them for non-educational purposes or for financial gain; and against public disclosure of information about programs (e.g., source code) without the owner's authorization.
c. Harassment, Libel and Slander: Under no circumstances, may any user use University at Buffalo computers or networks to libel, slander, or harass any other person.
d. Access to Computing Resources:
i. Accounts: Accounts created by a system administrator for an individual are for the personal use of that individual only.
ii. Sharing of access: Computer accounts, passwords, and other types of authorization are assigned to individual users and should not be shared with others. You are responsible for any use of your account. If an account is shared or the password is divulged, the holder of the account will lose all account privileges and be held personally responsible for any actions that arise from the misuse of the account.
iii. Permitting unauthorized access: You may not run or otherwise configure software or hardware to intentionally allow access by unauthorized users.
iv. Termination of access: When you cease being a member of the campus community (e.g., withdraw, graduate, or terminate employment, or otherwise leave the university), or if you are assigned a new position and/or responsibilities within the State University system, your access authorization must be reviewed. You must not use facilities, accounts, access codes, privileges or information for which you are not authorized in your new circumstances.
e. Circumventing Security: Users are prohibited from attempting to circumvent or subvert any system's security measures. Users are prohibited from using any computer program or device to intercept or decode passwords or similar access control information.
f. Breaching Security: Deliberate attempts to degrade the performance of a computer system or network or to deprive authorized personnel of resources or access to any University at Buffalo computer or network is prohibited. Breach of security includes, but is not limited to, the following:
- Creating or propagating viruses
- Password grabbing
- Disk scavenging
g. Abuse of Computer Resources: Abuse of University at Buffalo computer resources is prohibited. This abuse includes, but is not limited to, the following:
i. Game Playing: Limited recreational game playing, which is not part of authorized and assigned research or instructional activity, is acceptable, but computing and network services are not to be used for extensive or competitive recreational game playing. Recreational game players occupying a seat in a public computing facility must give up the use of the terminal when others who need to use the facility for academic or research purposes are waiting.
ii. Chain Letters: The propagation of chain letters is considered an unacceptable practice by SUNY and is prohibited.
iii. Unauthorized Servers: The establishment of a background process that services incoming requests from anonymous users for purposes of gaming, chatting or browsing the Web is prohibited.
iv. Unauthorized Monitoring: A user may not use computing resources for unauthorized monitoring of electronic communications.
v. Flooding: Posting a message to multiple list servers or news groups with the intention of reaching as many users as possible is prohibited.
vi. Private Commercial Purposes: The computing resources of University at Buffalo shall not be used for personal or private commercial purposes or for financial gain.
vii. Political Advertising or Campaigning: The use of University at Buffalo computers and networks shall be in accordance with SUNY and University policy on use of University facilities for political purposes.
viii. The issuance of a password or other means of access is to assure appropriate confidentiality of University at Buffalo files and information and does not guarantee privacy for personal or improper use of university equipment or facilities.
ix. University at Buffalo provides reasonable security against intrusion and damage to files stored on the central facilities. University at Buffalo also provides some facilities for archiving and retrieving files specified by users, and for recovering files after accidental loss of data. However, the University at Buffalo is not responsible for unauthorized access by other users or for loss due to power failure, fire, floods, etc. University at Buffalo makes no warranties with respect to Internet services, and it specifically assumes no responsibilities for the content of any advice or information received by a user through the use of University at Buffalo's computer network.
x. Users should be aware that University at Buffalo computer systems and networks may be subject to unauthorized access or tampering. In addition, computer records, including e-mail, are considered "records" which may be accessible to the public under the provisions of the New York State Freedom of Information Law.
The University at Buffalo World Wide Web Home Page (http://www.buffalo.edu) is an official publication of the University at Buffalo. Unless otherwise indicated, all materials, appearing on the Home Page or subsequent official home pages of specific departments, including text and photographs, are copyrighted and should not be reproduced without written permission from the Chief Information Officer. Home pages linked to University at Buffalo Home Page may be created by academic departments, programs, centers or institutes, administrative departments, or recognized student groups. Individual members of the faculty and staff may create their own, but must link them through their department's home page.
Individual students may create their own home page. Each student home page shall include the disclaimer that neither the page contents nor the link identifiers are monitored, reviewed, or endorsed by University at Buffalo.
Violators of this policy will be subject to the existing student or employee disciplinary procedures of University at Buffalo. Sanctions may include the loss of computing privileges. Illegal acts involving University at Buffalo computing resources may also subject users to prosecution by state and federal authorities.