The User agrees and accepts that:
11.1 College IT Resources are all hardware, software, services and resources made available for the College business. They include all computer networks, wired or wireless, computers, printers, mobile devices, storage, audio visual systems, and associated information services including Cloud services.
11.2 Use of College IT resources, and their use to access non-College IT resources, must be for the purpose of University research, teaching, coursework, associated administration or other authorised use. No private commercial work is permitted without prior authorisation.
11.3 They must understand and abide by the advice provided in the Be Secure web pages. All staff and students must enrol and complete College’s Information Security Awareness training.
11.4 Reasonable personal use of IT resources is permitted provided such use does not disrupt the conduct of College business or other users. Recreational use of the Halls of Residence network is also permitted, subject to these conditions.
11.5 When using College IT resources the user must comply with the College’s Information Security Policy, this Acceptable Use Policy, JANET Acceptable Use Policy, and all relevant statutory and other provisions, regulations, rules and codes of practice. Specifically, but not exclusively, the user must:
11.5.1 Not disclose to others their College password. Understand and abide by the “Code of Practice 5: Passwords”.
11.5.2 Not access or attempt to access IT resources at College or elsewhere for which permission has not been granted or facilitate such unauthorised access by others.
11.5.3 Not use or produce materials or resources to facilitate unauthorised corruption, changes, malfunction or access to any IT resources at the College or elsewhere, e.g. port scanning.
11.5.4 Not display, store, receive or transmit images or text which could be considered offensive or which is likely to bring the College into disrepute, e.g. material of a sexual, pornographic, paedophilic, sexist, racist, libellous, threatening, defamatory, discriminatory, of a terrorist nature.
11.5.5 Not forge email signatures and/or headers, initiate and/or forward 'chain' or 'junk' or 'harassing' email. Not impersonate others in electronic communication and generate or forward junk or offensive communications. Understand and abide by the Guideline 3: Electronic Messaging Guideline.
11.5.6 Respect the copyright of all material and software made available by the College and third parties and not use, download, copy, store or supply copyrighted materials including software and retrieved data other than with the permission of the Copyright holder or under the terms of the license held by the College.
11.5.7 When holding data about living individuals, abide by the College’s Data Protection Policy, to process information (that is, collect, use, share and dispose of) in accordance with the Principles of the Data Protection Act. Students must not keep personal data concerning individuals in connection with their academic studies/research without the express approval from their Head of Department.
11.5.8 When responsible for information assets as an identified Information Asset Owner, understand and abide by their responsibilities as defined in the “Code of Practice 1: Information Security Risk Assessment”.
11.5.9 All information assets created/owned/stored by the user on or connected to College IT resources may, in the instance of suspected wrong doing, be subjected to inspection by College or by statutory authorities. Should the information be encrypted the user shall be required to provide the decryption key.
11.6 As provided by the “Telecommunications (Lawful Business Practice) (Interception of Communications) Regulations 2000”, made under the “Regulation of Investigatory Powers Act 2000” and “Prevent Duty Guidance” as directed by the “Counter-Terrorism and Security Act 2015” the College will intercept and monitor electronic communications for the purposes permitted under those Regulations in accordance with the “Code of Practice 4: Inspection of Electronic Communications and Data”.
11.7 Other than any statutory obligation, the College will not be liable for any loss, damage or inconvenience arising directly or indirectly from the use of, or prevention of use of, any IT resource provided and/or managed by the College.
11.8 Whilst the College takes appropriate security measures against unauthorised access to, alteration, disclosure, destruction or accidental loss of personal and other data it cannot and does not give any warranties or undertakings to the user about security, confidentiality or integrity of data.
11.9 Users’ name, address, photograph, status, e-mail name, login name, alias, College Identifier (CID) and other related information will be stored in computerised form for use for administrative and other purposes e.g. monitoring system usage.
11.10 These conditions apply to non-College owned equipment e.g. personal Laptops, home PCs when connected to the College network, directly and/or via the VPN, for the duration that the equipment is using the College network.
11.11 Breach of these conditions may lead to College disciplinary procedures being invoked, with penalties which could include suspension from the use of all College IT resources for extended periods and/or fines. Serious cases may lead to expulsion or dismissal from the College and may involve civil or criminal action being taken against the user.
11.12 If you have any questions, contact ICT’s Service Desk.
November 2016