Print

Lasell Acceptable Use of Information Technology Systems

Lasell College and Lasell Village (Lasell) maintains information technology and services which are essential to the mission of these organizations. All employees (including student employees), students and residents of Lasell College and Lasell Village, guests and affiliates of Lasell (Lasell Community) are obliged to use the information technology appropriately and lawfully and maintain the College's values of integrity, honesty, and ethical decision making.  Upon acceptance of your account information and agreement to follow these procedures, you will be granted access to Lasell's information technology.

Some departments on campus may have additional policies and procedures that apply to the use of information technology within those departments. In addition to this Acceptable Use of Information Technology Systems document, the use of these information technologies is governed by the Student and Employee Handbooks, Written Information Security Plan, Record Retention and Disposition Policy, and all other College policies and procedures.

Scope
These procedures apply to all users of information technology resources owned or managed by Lasell College and/or Lasell Village. Individuals covered by the document include (but are not limited to) Lasell full-time and adjunct faculty, staff, students, Lasell Village residents, guests or agents of the administration, external individuals and organizations accessing network services via Lasell College's information technology facilities.

Acceptable Use of Information Technology Systems

Standard 1: Network and Lasell Owned Computer Usage Standard

Introduction
Lasell's network (wired and wireless) is essential to the day-to-day operations of Lasell College and Lasell Village. This standard defines acceptable use of Lasell's wired and wireless network.

The Lasell Community and affiliates must satisfy the requirements outlined below:

  • The security of Lasell information systems is the responsibility of all members of the Lasell Community and affiliates. Everyone is personally responsible for the security of their accounts, credentials and passwords. Passwords should be difficult to guess and never be disclosed, loaned or sold to another individual. Ways to ensure this include avoiding storing passwords or any other information that could be used to gain access to other technology resources on workstations, sharing passwords, or by leaving them in easily discoverable locations. Everyone has the responsibility to report a suspected breach of any Lasell account, credential, or password to the Technology Help Desk.
  • The Lasell network should be used ethically and it is unacceptable to access systems or data (even when available) which are outside one's job duties and responsibilities or role in the Lasell Community. Information technology should not be used to: gain unauthorized access to other computer systems; create and/or run programs that are designed to identify security loopholes, network schemes, data protection schemes and/or decrypt secured data; spoof or misrepresent one's identity by alteration or appropriation of IP address(es), packet content, or other identifying or authentication information. It is unacceptable to create unauthorized credentials; provide misleading information in order to obtain access to information technology. Unauthorized use of monitoring, management or decoding tools to capture and/or view network traffic including SNMP probing, packet capturing, network discovery tools or tools used to assess security (e.g. vulnerability scanners) is forbidden. Access to information technology operations areas (including but not limited to the server room, switch closets and phone closets) is restricted to those responsible for operation and maintenance.
  • The Lasell Community and affiliates must act responsibly when using the Lasell network and Lasell owned computers and should not compromise internal or external information systems. Some examples include, but are not limited to, knowingly or carelessly running or installing unlicensed software on any computer system or network; giving another user a program intended to damage the system; running or installing any program that places an excessive load on a computer system or network, or compromises the security of the systems or network; violating terms of applicable software licensing agreements, including copying or reproducing any licensed software; unauthorized removal of software from Lasell computers; spreading viruses; unauthorized destroying of information and using imaging equipment to duplicate, alter and subsequently reproduce official documents.
  • Lasell requires that all non-Lasell owned computers connected to the Lasell network have all critical patches applied to the operating system and updated anti-virus software installed.
  • All employees must keep a copy of all electronic work-related files and data on the Lasell network so they are properly backed up and archived. Personal files or data (non-work or academic related) may not be stored on the Lasell network as they waste Lasell resources.
  • Viewing, displaying, downloading or hosting objectionable or pornographic material will be interpreted as a form of harassment and as such will not be tolerated.
  • Lasell's wireless network provides wireless access to the Lasell network resources and to ensure a safe and secure network all wireless devices must access the network through CiscoNAC. Student are permitted to use personal access points but they may not identify them with ESSIDs which mimic or suggest official Lasell network access. Lasell prohibits the use of wireless sniffers, wireless services or software that interfere with normal functionality of the network, systems that deny wireless network use, and system which violate the privacy of other wireless users.

Standard 2: Electronic Communication and Social Network Usage

Standard 3: Responsible Copyright Standard

Standard 4: BYOD (Bring Your Own Device) Standard – Employees and Affiliates Only

Standard 5: Monitoring of Information Technology

Standard 6: Indemnification and Compliance