As part of its educational mission, Salish Kootenai College acquires, develops, and maintains computers, computer systems, and networks. These Information Technology (IT) resources are intended for college-related purposes, including direct and indirect support of the College’s instruction, research and service missions; college administrative functions; student and campus life activities; and the free exchange of ideas within the college community and between the college community and the wider local, national, and world communities.
This policy applies to all users of college IT resources, whether affiliated with the College or not, and to all uses of those resources, whether on campus or from remote locations.
A. General Rules
Users of college IT resources must comply with federal and state laws, college policies, procedures, and regulations, and the terms of applicable contracts including software licenses. Examples of applicable laws, regulations, and policies include but are not limited to the laws concerning libel, privacy, copyright, trademark, and obscenity and child pornography; the Electronic Communications Privacy Act, Digital Millennium Copyright Act (DMCA), Family Educational Rights and Privacy Act (GERPA), Health Insurance Portability and Accountability Act (HIPAA), and the Computer Fraud and Abuse Act, which prohibits “hacking”, “cracking”, and similar activities; the College’s Sexual Harassment Policy; and the College’s Policy on the use of the college names and logos. Users who engage in electronic communications with persons in other states or countries or on other systems or networks may also be subject to the laws of those jurisdictions and the rules and policies of those other systems and networks.
Users are responsible for ascertaining what authorizations are necessary and for obtaining them before using college IT resources. Users are responsible for any activity originating from their accounts that they can reasonably be expected to control Accounts and passwords may not, under any circumstances, be used by persons other than those to whom they have been assigned by IT Services. In cases when unauthorized use of accounts or resources is detected or suspected, the account owner should change the password and report the incident to IT Services.
Disruptive use of college IT resources is not permitted. IT Services will determine whether specific usage is considered normal, excessive, or disruptive. Although there is no set bandwidth, disk space, CPU time, or other limit applicable to all uses of college IT resources, the College may require users of these resources to limit or refrain from specific uses if such use interferes with the efficient operations of the system.
Users may not use IT resources to gain unauthorized access to remote computers or to impair or damage the operations of SKC computers or networks, terminals, or peripherals. This includes blocking communication lines, intercepting or “sniffing” communications, and running, installing, or sharing virus programs. Deliberate attempts to circumvent data protection or other security measures are prohibited.
Users who violate this policy may be denied access to college IT resources. The College may suspend, block, or restrict access to an account when it appears necessary to do so to:
- Protect the integrity, security, or functionality of college or other IT resources,
- Comply with legal or contractual requirements,
- Investigate alleged or potential violations of law or policy including, without limitation, state, federal, or local law, or college policies, procedures, or regulations,
- Investigate any asserted, threatened, or potential complaint or grievance filed or credibly alleged pursuant to law or college policies, procedures, or regulations,
- Protect the College from liability or disruption.
The College may also refer suspected violations of law to appropriate law enforcement agencies for further investigation or action.
Users who violate this policy may be subject to other penalties and disciplinary action, including expulsion or dismissal, under applicable college policies, procedures, or regulations.
B. Security, Privacy, and Public Records
The College employs various measures to protect the security of its IT resources and user accounts. However, the College cannot guarantee complete security and confidentiality. It is the responsibility of users to practice “safe computing” by establishing appropriate access restrictions for their accounts, by guarding their passwords, and by changing passwords regularly.
Users should also be aware that their use of college IT resources is not private. While the College does not routinely monitor individual usage of its IT resources, the normal operation and maintenance of the College’s IT resource require the backup and caching of data and communications, the logging of activity, monitoring of general usage patterns, and other activities necessary or convenient for the provision of service.
The College may monitor SKC IT resources and retrieve communications and other records of specific users of SKC IT resources, including individual login sessions and the content of individual communications, without notice.
C. Commercial or Non-College Related Use
College IT resources are not to be used for personal commercial purpose or for personal financial or other gain. Occasional personal use of college IT resources for other purposes is permitted when it does not consume a significant amount of those resources, does not interfere with the performance of the user’s job or other college responsibilities, and is otherwise in compliance with this and other college policies, including without limitation the College’s policies on outside activities and use of college trademarks and names. Further limits may be imposed upon personal use in accordance with normal supervisory procedures concerning the use of college equipment.
D. Network Infrastructure/Routing and Wireless Media
Users must not implement their own network infrastructure. This includes, but is not limited to, basic network devices such as hubs, switches, routers, network firewalls, and wireless access points. Users must not offer alternate methods of access to SKC IT resources such as modems and virtual private networks (VPNs). Users must not offer network infrastructure services such as DHCP and DNS.
Wireless is shared media and easily intercepted by a third party. Wireless users are encouraged to use some type of encryption.