Content | Navigation |

Policies and Acceptable Use:

Introduction and Purpose:


Computers and other electronic communication devices (ECDs) have become vital tools in accomplishing the University's mission. Most employees and students depend on these devices daily to accomplish their work, and the University invests in and supports a variety of equipment and information technology (IT) related items. These IT resources are not unlimited; however, it is important to assure that they are used appropriately.

The University has a responsibility to assure that they are used legally and in keeping with State Board of Higher Education and NDSU acceptable use policies (AUP) [see Policies and Laws section]. University IT users should be aware that, except where precluded by law, the University has the right to measure and monitor ECD usage, including but not limited to storing, accessing, and reviewing information received or sent through e-mail or over the Internet. Monitoring of an individual's Internet use is possible when requested by the appropriate official. In addition, Internet sites deemed by the University to be unrelated to the University's responsibilities may be blocked, and the University will cooperate with any law enforcement investigation.

If you have questions about appropriate use of electronic communications devices, be sure to discuss it with your supervisor. The NDSU Chief IT Security Officer is also available to answer any questions and help supervisors facilitate a safe and productive work environment.

Guidelines for Incidental Personal Use:


Incidental personal use of University owned ECDs or personal use on University time is acceptable when the use:

  • Does not interfere with the person's work performance
  • Is of nominal cost or value
  • Does not create the appearance of impropriety
  • Is not for a political or personal commercial purpose
  • Is reasonable in time, duration, and frequency
  • Makes minimal use of hardware, software and network resources

Some uses, however, are never acceptable. These include:

  • Use for harassment or similar inappropriate behavior
  • Use for accessing or distributing sexually explicit, offensive or erotic material
  • Violation of copyright laws
  • Use for probing or hacking
  • Use of non-business streaming technologies that consume significant amounts of bandwidth 
  • Use of pirated software or data
  • Knowingly distributing viruses or bypassing established security

 Inappropriate use may range widely in seriousness and impact on the other users. Often misuse can be addressed by the supervisor or administrator in the unit where it occurs. On some occasions, however, the misuse may represent a major violation of acceptable use. The University has established procedural guidelines for investigating an alleged major violation of acceptable use.

Summary of Procedural Guidelines:


Initial discovery of a potential AUP violation can result from a number of triggering events which include but are not limited to: 

 

  • Bandwidth and network monitoring
  • Complaint by a supervisor, other employee or person
  • Inadvertent discovery during routine service or maintenance
  • Legal copyright complaint (includes copyrighted materials such as music, movies, software, etc.)
  • Creation or distribution of SPAM or other network abuse
  • Law enforcement query or subpoena; open records request

The NDSU Chief IT Security Officer will be notified if they are not already aware of the problem. The appropriate Dean(s) or Director(s) will be notified as soon as possible so that there can be an initial decision or meeting established with the Appropriate Use Review Committee* (AURC) to assess the situation and agree on an appropriate course of action. The alleged violator will not be notified until this discussion has taken place and a decision when to notify the alleged violator has been made.  A course of action is determined that can include monitoring and/or seizure and examination of equipment and related IT items (for example: computers, communication devices, hardware, software, media).

Occasionally, emergency action might be necessary so that the NDSU Chief IT Security Officer may not be able to contact all the above officials before an action is taken. If criminal violations are suspected, appropriate law enforcement will be notified. Outcomes of the investigation could include the following determinations: no violation, violation of law or policy, and/or possible criminal violations. Sanctions, if a violation is found, could include, but are not limited to: verbal caution; letter of warning; loss of computer and/or network access; referral to the Employee Assistance Program; referral for training and education; letter of reprimand; suspension with or without pay; and termination of employment. Any criminal process is separate but can also be considered when deciding on appropriate sanctions. The employee may use the normal employment appeals processes for any sanctions imposed.

*Members of the AURC include the Director of Human Resources, Vice President for Equity and Diversity, General Counsel and the Chief Information Officer or their designees

Policies and Laws:

 

NDSU Logo

 

 

NDSU Policy 158 - Acceptable use of Electronic Communications Devices

NDSU Policy 158.1 - E-mail as an Official Communication Method for Employees

NDSU Policy 710 - Computer and Electronic Communications Facilities

 NDSU Code of Student Conduct

NDSU Student Acceptable Use Guidelines
NDSU Employee Acceptable Use Guidelines

 

 

NDUS Logo

 NDUS Policy 1901.2 - Computing Facilities

NDUS PROCEDURE 1901.2.1 Authorized use

NDUS PROCEDURE 1901.2.3 Freedom from harassment and undesired information

NDUS PROCEDURE 1901.4.2 Imposition of sanctions

NDUS PROCEDURE 1901.4.3 System administration access

NDUS PROCEDURE 1901.4.4 Monitoring of usage, inspection of electronic information

 

ND Flag

 North Dakota Century Code

NDCC § 12.1-20-05.1: Luring Minors by Computer

NDCC § 12.1-06.1-08: Computer Fraud - Computer Crime

NDCC § 12.1-27.1-01. Obscenity - Definitions -Dissemination - Classification of offenses

NDCC § 12.1-27.2-04.1. Possession of certain materials prohibited

 

US Flag

 US Law

 18 USC § 1462: Importation or Transportation of Obscene Matters

 18 USC § 2252: Certain Activities Relating to Material Involving the Sexual Exploitation of Minors

 18 USC 2422(b): Coercion and Enticement 

NDSU IT Security Updates

Aug 4, 2015

Free Windows 10 Upgrade, yes indeed Windows 10 is a free upgrade for a year for computers with Windows 7 and 8 installed on them. However, Microsoft will not tell you about this in an e-mail.  Ransomware (software that will encrypt your files and then ask for money for the decryption key) has been seen being delivered through an e-mail promising a free windows 10 upgrade.  Delete these messages as you get them and do not open any attachment that you did not expect to receive.

http://www.net-security.org/malware_news.php?id=3082

 

Jul 28, 2015

1.4 million cars recalled for vulnerable remote control. Fiat, Chrysler, Jeep, and Dodge vehicles can possibly be controlled remotely over the Sprint network. Researchers have shown that while sitting at their desks they can take over many functions of a vehicle on the road through the onboard Infotainment system tied to the Sprint cellular network.

http://arstechnica.com/security/2015/07/fiat-chrysler-recalls-1-4-million-cars-over-remote-hack-vulnerability/

Feb 17, 2015

Over-sharing on a first date could lead to no second date, but over-sharing on a social media site could lead to data theft, real property theft, or physical danger to yourself or your family. There are lots of automated scripts already running on the Internet looking for keywords that are posted to social media,  these scripts do everything from changing the word "meet" to "meat" and posting the results to twitter, to alerting potential thieves that a family is now on vacation and away from their house. Be safe on social media

https://www.privacyrights.org/social-networking-privacy-how-be-safe-secure-and-social#general-tips

Feb 6, 2015

New Slim Spray Diet ... Want a Cruise ... Fight Hair Loss Now ... SPAM SPAM SPAM ... It seems to get into every e-mail inbox beofre the account is even setup.  But there are some ways to fight this menace.

  • Don't reply to it
  • Don't tell vendors your e-mail account
  • If your service has the option, report it or mark it as spam

There are more ways to fight in the link below.

http://www.hongkiat.com/blog/5-simple-steps-to-fight-spam/

FEB 4, 2015

Its Tax Refund Season, Time for a new phone or tablet. But what about the old one? Do you have information on that device that could be used against you?  How can you make sure that your old phones and devices don't come back to haunt you when you are done with it?  Many people buy old equipment off ebay just to see what kind of data is left on those devices.  Follow this guide to make sure that your device is wiped clean before you dispose of it.

http://www.cnet.com/how-to/how-to-wipe-your-phone-or-tablet-before-selling/

FEB 3, 2015

When you download an app on social media or your mobile device, you may be allowing it to collect personal information like your contacts list or location. If possible, look at an app’s permissions before downloading and make sure you are comfortable with the information it collects. If the app does not tell you what information it collects, error on the side of caution and assume that it may be collecting information.

http://www.washingtonpost.com/blogs/the-switch/wp/2014/08/20/what-those-creepy-sounding-app-permissions-mean-and-when-to-be-wary/

 

FEB 2, 2015

There is a security and privacy threat almost everywhere you go.  Most don't even think about it.  Free WIFI, if its free how can that be bad? In fact most Free WIFI could be quite safe, but a few access points could have an active sniffer on the line watching every single nibble of data that goes across its interface, looking for passwords, usernames, or e-mail addresses.  Click Below for more information on safely using WIFI when traveling.

http://www.privatewifi.com/wireless-safety-tips-for-travelers/


Student Focused. Land Grant. Research University.

Follow NDSU
  • Facebook
  • Twitter
  • RSS
  • Google Maps

North Dakota State University
IT Help Desk Phone: +1 (701) 231-8685
Administrative Calls Only: +1 (701) 231-7961 / Fax: (701) 231-8541
Campus address: Quentin Burdick Building 206
Physical/delivery address: 1320 Albrecht Blvd, Fargo, ND 58102
Mailing address: NDSU Dept. 4510 / PO Box 6050 / Fargo, ND 58108-6050
Page manager: Information Technology Services

Last Updated: Wednesday, January 11, 2012