This policy defines the appropriate use of Franklin & Marshall (F&M) information assets. Those that violate this policy are subject to the full range of sanctions set forth in the Student Handbook, the Employee Policy Guide as well as local, state, and federal laws. At their discretion, the F&M Committee on Information Technology reserves the right to modify this policy at any point in time.
Information security requires the participation and support from all members of the F&M community with access to information assets. It is the responsibility of every member of the F&M community to help ensure that all information assets are kept secure and available.
This policy applies to all members of the F&M community, which includes, but is not limited to employees, students, visitors, volunteers, third parties, contractors, consultants, clients, temporaries, and others (collectively known as "users"), who have access to, support, administer, manage, or maintain F&M information assets.
The F&M Committee on Administrative Computing and the Committee on Academic Technology will review this policy on an annual basis. All revisions will be presented to the Chief Information Officer (CIO) for approval.
In support of its mission of teaching, research, and public service, F&M provides access to information assets for users. Access to these information assets is a privilege granted to the members of the F&M community and is vital to performing their daily tasks. Therefore, proper use and protection of F&M's information assets is essential to F&M's operations.
It is each user's responsibility and obligation to ensure that all computing and communications resources are used only for its intended purpose and that information contained or transmitted via these resources are protected from unauthorized use, appropriation, or corruption. F&M also recognizes that local, state, and federal laws relating to copyright, security, and intellectual property bind all members of the F&M community. The College reserves the right to limit or restrict computing privileges and access to its information assets.
Those who use F&M's information assets must act responsibly. Every user is responsible for the integrity of these resources. All users must respect the rights of other users, respect the integrity of the physical facilities and controls, and respect all pertinent license and contractual agreements.
F&M information assets are to be used for the College-related activities for which they are designed. The College provides each member of the academic community ample file and web space to disseminate legal content. Under no circumstances shall these resources be used to distribute copyrighted material whether it is images, music, software, movies, or any other digital content. The use of the College network, file, or web services to offer goods or services of a commercial nature is strictly forbidden.
Internet access is made available to members of the F&M community. Users must be familiar with the risks associated with accessing the Internet. The lack of confidentiality or integrity of information accessed or sent via the Internet. Users must be aware that when browsing the Internet, each web server can obtain information relating to the individual, the computer that they were using, and the other web locations that have been visited during a browsing session. Therefore, discretion must be used in determining which web sites to visit from an F&M system. Users must use discretion when posting information using company addresses on public Internet sites. Users must not disseminate any data classified as sensitive or confidential over the Internet that is not encrypted.
Proper approval is necessary before implementing new web servers and electronic bulletin boards. A Webmaster must be delegated and is responsible for moving approved information to the information server. Information and/or application servers will not be implemented if the security risks outweigh the benefit of providing such access via the Internet.
As part of F&M's ongoing efforts to create a safe and secure network, all computers are required to be registered on the campus network. As part of this process, all computers are scanned for known vulnerabilities. If a system is found to be susceptible to Internet viruses and related malicious software, the necessary vendor supplied patches need to be installed and all virus definitions need to be updated prior to being granted access to the campus network. F&M supplied anti-virus software needs to be enabled on all systems commonly affected by viruses.
All E-mail accounts using the fandm.edu domain name and all data transferred or stored using F&M's e-mail capabilities are the property of the College. As such, e-mail messages are considered part of company records and, upon legal request, are subject to monitoring, auditing, and discovery. Information transferred from F&M's email address will be treated with the same standards as information on F&M's letterhead. Therefore, when composing e-mail messages, users must comply with all policies regarding the acceptable use of F&M's information assets.
Any inappropriate e-mail is prohibited. Users receiving such e-mail should immediately contact the ITS Help Desk at 717-358-4483 or . In the case of serious risks or harm, contact the Office of Public Safety at 717-291-3939. Examples of the inappropriate use of e-mail:
Members of the college community who choose to connect their personal computers to the campus network are responsible for the usage of their computer. Peer-to-Peer (P2P) file-sharing programs must not be installed on information systems that are used to connect to the campus network. Although P2P technologies are themselves not illegal, such technologies are used overwhelmingly for the unauthorized downloading and uploading of copyrighted works. There is an appeal mechanism in place with the Chief Information Officer if a member of the college community feels they have a legitimate need to use P2P file sharing programs in order to complete their academic responsibilities or successfully do their job at the College. Further, impersonation, anonymity, spoofing, and any other methods of hiding ones true identify in order to mislead, harass, or avoid detection is prohibited.
I agree to the user obligations described above and agree not to use F&M's computer systems or the network in any way that diminishes the effectiveness of the network (examples: using a system to "attack" another, harnessing a disproportionate amount of our internet connection for P2P applications) or interferes with the reasonable and private use of those systems by others. I acknowledge the right of Franklin & Marshall, and its designated staff, to inspect, when necessary as a function of responsible system management, all files stored on the College's information assets.
I understand that upon violation of the terms of this agreement the College, through Information Technology Services, retains the right to deny future computing privileges. I understand that I may also be subject to further disciplinary action by the College, as well as legal action by the owners and licensers of proprietary software for violation of copyright laws and license agreements.
Last update: 9 May 2013