Creation, transmission, integration and use of information lies at the heart of the University's work:  academically, information enables us to pursue key goals in Research and Education; intellectually, information is inseparable from knowledge; managerially, information enables us to work with purpose and effectiveness.

The University provides computers, networks and electronic information systems as an infrastructure for the broad sweep of its information interests. This infrastructure is an enabling resource capable of raising levels of innovation and creativity within the University community. Acceptable Use policy should serve this enabling role of the infrastructure.

With respect to information more generally, the University has made the following commitment:

The University will ensure that corporate and scholarly information is held for the benefit of all members of the University community and in a form which reflects the following values:

Accessibility: through open access policies in which information is readily available subject only to legal, privacy and confidentiality constraints;
Integrity: through quality assurance policies which ensure that information is free from misleading filtering or corruption;
Authority: through quality assurance policies which ensure that sources of information are accurately attributed;
Relevance: through record and archiving policies which ensure that information is supportive of the University's mission;
Timeliness: through management policies which ensure that information is available without undue delay;
Fit-for-purpose: through quality assurance policies that ensure consistency between data and meta-data;
Access : will not be denied without cause.

Identity

Acceptable use depends on a community commitment to:

Ensure that individual identification information cannot be used by others;
Ensure that individual identities are maintained at all times.

Behaviour

Acceptable use within the University depends on a community commitment to:

Use information and communications resources responsibly, efficiently, and legally;
Manage the resources allocated to them to ensure their integrity, security, and availability for appropriate research, educational and University business activities.

Acceptable use policy is the framework under which information will be made available to authorised users.

PROCEDURES

User Responsibilities

Users are responsible for:

• informing themselves about and complying with all policies, procedures and laws related to access, acceptable use, and security of University information and communications resources;
• if in doubt, contacting the appropriate responsible officer for clarification of access and acceptable use issues;
• reporting apparent policy violations to the University (see Contacts);
• the content and disclosure of their communications;
• taking all reasonable steps to ensure the security of hardware, software and data; not misrepresenting the University.

Use of IDs and Passwords:

• keeping confidential any passwords provided for access to University services;
  • Access to University systems is built around the authentication of individuals through a University UserID and associated password. For privacy, security and appropriate use it is critical that the University UserID and password are accurately linked. Therefore users should not
    • share passwords;
    • represent themselves as other persons or fail to identify themselves in an electronic communication, eg. e-mail;
• all activities on their username\account ID;
  • Any person who has reason to believe that their username\account ID or password has been compromised, should contact their Local IT Support Staff or Helpdesk immediately.

Use of Information\Data:

• accessing only accounts, files, and data that are their own, that are publicly available, or to which they have been given authorised access;
• maintaining the confidentiality and privacy of information classified or known by the user as private or confidential and keeping such information in their possession secure;
• not using University information for non-University related purposes;
• not disclosing any information to which they have access, and that they do not have lawful ownership, authority, or permission to disclose;
• maintaining their professional profiles and personal details as held by the University enterprise systems (for example: through HORUS or ISIS).

Privacy:

• taking account of the following:
  • many people other than the intended recipients may read information sent by e-mail, posted to newsgroups or put on a web site;
  • the University may, at its discretion, authorise access to information stored on any University computer, server or equipment connected to its network.

Use of Software and Hardware:

• not using University e-mail, computers, and networks for illegal, or unauthorised purposes. These include but are not limited to:
  • harassment, defamation, libel, threats or discrimination;
  • storage, display or creation of pornographic matter;
  • destruction of or damage to equipment, software, or data belonging to others;
  • unauthorised copying or downloading of copyrighted materials or in violation of supplier agreements; or
  • conducting private business.
• not harming systems or any stored information\data, by activities such as:
  • creating or propagating viruses;
  • disrupting services or damaging files;
  • making unauthorised or non-approved changes.
• ensuring computer workstations are left secure after being vacated, for example by signing-off and\or securing the system from unauthorised use;
• ensuring that user-provided software is legal and complies with license requirements;.
• being aware of any conditions attached to or affecting the provision of University information and communications resources.

UNIVERSITY RESPONSIBILITIES

The University is responsible for:

• ensuring the security of its systems, data, and users’ accounts.
• ensuring that good workplace practices are followed and that University resources are managed responsibly;
  • Examples of misuse of which managers should be aware include:
    • game playing and excessive personal web searching;
    • spending long periods at the computer without a break;
    • sending frivolous or excessive mail, including chain mail;
    • sending or downloading large files such as video or high resolution images over the network that are not related to work or study;
    • monopolising systems, overloading systems or networks with excessive data, or wasting computer time, connect time, disk space, printer paper, manuals, or other resources.
• investigating misuse and taking action to protect its resources and information;
• providing information relevant to any investigation;
• installing only licensed software and that all systems to which users are given access are properly licensed;
• ensuring that additional conditions imposed by local areas are consistent with this overall policy;
• imposing penalties for breaches of the University’s Rules, Orders and Policies relating to use of information and communication resources;
• providing information to the University community concerning acceptable use for example:

Business Officers - providing information to new staff about the University's policies, including any additional local policies and procedures.
Student Administration - including acceptable use information in enrolment documentation.
Pro Vice Chancellor (ADIS) - developing an informed University community; maintaining a list of Contacts to facilitate the implementation of this policy.
Responsible officers - keeping authorised users in their area informed about local policies and procedures.

DEFINITIONS

Acceptable Use:
This is a widely-used term to refer to policy settings within organisations to facilitate internal and external interoperability and security of information and communications infrastructure.

Authorised User:
This is a term for those users authorised by an organisation to access its systems through an authentication process. This normally involves a unique identifier and associated password.

Information and Communications Resources:
Information and Communications Resources are facilities, technologies and information resources used for University information processing, transfer, storage and communications.

Responsible Officers:
Deans and Directors of Schools, Faculties, Centres and Divisions
Business Officers
Heads of Department and Supervisors
IT Managers and Local IT Support Staff
Communications and Network Managers

Security Measures:
Security Measures are processes, software and hardware, used by system and network administrators to ensure the confidentiality, integrity and availability of the information technology resources and data owned by the University and its authorised users.