UNIVERSITY OF PITTSBURGH POLICY 10-02-05
CATEGORY: SUPPORT SERVICES
SECTION: Computing, Information, and Data
SUBJECT: Computer Access and Use
EFFECTIVE DATE: February 1, 2007 Revised
PAGE(S): 3
I. SCOPE
This policy establishes restrictions regarding the access and use of
University owned and maintained computers, computer systems, computer
networks, electronic communications facilities, and other related
computing facilities used to store and process data, text, and software
used by the University.
II. POLICY
Access to University Computer Services
University owned computing equipment may be used only by:
- Faculty, staff, and students for recognized instructional research,
or administrative purposes within the University.
- Organizations whose use of such services is for a recognized public
service. For purposes of administering this policy, such
classification will apply only if the organization has been
designated as federally tax-exempt under the Federal Internal
Revenue Statutes and whose purpose for use of such services is
approved by the University’s Office of the Provost.
- Faculty and staff under professional consulting arrangements
provided:
1) an application for services is approved by the Office of the
Provost and an external sponsored account is established,
2) a formal contractual arrangement is entered into with
Computing Services and Systems Development (CSSD),
3) payments at prevailing rates are made for such services, and
4) the employee is not acting as a broker for purchase of
services for any external organization.
The agreement between the University and qualified tax-exempt
organizations or consulting employees as defined above must be renewed on
an annual basis and at any time be canceled by either party thirty days
after receipt of written notice of cancellation by either party.
The computer services provided for external usage must be no greater than
that normally available to internal users and will be limited to the
extent that they do not adversely affect the mission or needs of the
University.
Appropriate Use of University Computer Services
University-owned computing equipment, networks, services and resources,
including electronic mail and other forms of electronic communication, are
provided for the purpose of conducting University-related activities and
are therefore considered University property. The University, as owner of
such property, has the right to access information on the system stored,
sent, created or received by employees, including electronic mail, as it
deems necessary and appropriate. As such, employees should not expect
individual privacy in the system.
University employees and students are obligated to protect University
computing systems from illegal or damaging actions, either knowingly or
unknowingly. The following are considered improper use of University
owned computing equipment, networks, services, and resources:
- Using information technology resources for purposes other than
research or instructional purposes. Computing resources may not be
used for commercial purposes or personal gain. Use of computer
services for any commercial purpose, partisan political purpose or
for any unlawful purpose is prohibited.
- Intentionally or recklessly abusing or misusing computing resources
so as to cause damage, system interruptions, or harassment to other
persons.
- Repeatedly or purposefully engaging in activities which can be
reasonably expected to, or do, unreasonably tax computing resources
or go beyond their intended or acceptable use.
- Borrowing, lending, falsifying or misusing a computer account
computing resource, or allowing, or facilitating the unauthorized
access to use of University computing resources by a third party.
- Obtaining user IDs and/or password(s) of other persons in order to
use University or University-related computing resources, or
impersonating another person on a computing resource.
- Using electronic media to harass or threaten other persons, or to
display, design, copy, store, draw, print, or publish obscene
language or graphics.
- Submitting or causing to be submitted to the University false,
misleading, harassing or deceptive help requests or complaints.
- Using University computing resources to gain or attempt to gain
unauthorized access to computing resources either inside or outside
of the University.
- Intercepting or attempting to intercept or otherwise monitor any
communications not explicitly intended for him or her without
authorization.
- Copying, reading, accessing, using, misappropriating, altering,
publishing or destroying computer files, output data, documents or
other files of another individual or attempts to do so, without the
permission of that individual, project leader, or authorized
administrator.
- Making, distributing and/or using unauthorized duplicates of
copyrighted material, including software applications, proprietary
data, and information technology resources. This includes sharing
of entertainment (e.g., music, movies, video games) files in
violation of copyright law.
- Violating the terms and conditions of software license agreements
for software distributed by the University of Pittsburgh by giving,
lending, selling, or leasing such media or software to others for
their own use.
- Interfering with the operation of the University’s information
technology resources by deliberately attempting to degrade or
disrupt resource performance, security, or administrative operation
including, but not limited to, intentionally introducing any
computer virus or similar disruptive force into any computing
resource.
- Using a computer, computer system, computer network, or any other
University property for the creation, design, manufacture,
preparation, display, or distribution of any written or graphic
obscene material is prohibited.
- Willfully, fraudulently and without authorization gaining or
attempting to gain access to any computer, computer system, computer
network, or to any software, program, documentation, data or
property contained in any computer, computer system or computer
network is prohibited, including obtaining the password(s) of other
persons in order to use University or University-related information
technology resources without proper authorization or impersonating
another person or an information technology resource. This
includes, borrowing, lending, falsifying, or misusing a computer
account or allows, or facilitates the unauthorized access to use of
University information technology resources by a third party.
Reporting Violations of Computer Use Policy
Violations of this policy should be reported immediately to the department
with responsibilities for compliance with this policy, including Human
Resources, the Office of General Counsel, and CSSD. Violations can also
be reported by sending e-mail to abuse@pitt.edu. The University will
strive to maintain confidentiality to the extent possible consistent with
other obligations.
Disciplinary Action
Violations of this policy will result in the appropriate disciplinary
action, which may include loss of computing privileges, suspension,
termination, or expulsion from the University, and legal action.
Violations of any federal, state, or local law concerning the unauthorized
access or use of University computers and computing services will result
in the appropriate disciplinary action up to, and including termination
from the University.
III. REFERENCES
Policy 10-02-04, Computer Data Administration
Policy 10-02-06, University Administrative Computer Data (UACD) Security
and Privacy
Policy 10-02-11, Computer Account Administration
Policy 10-02-12, Direct Charging for Computing and Information Systems
Services