100.00 Introduction and
Purpose
110.00 Introduction
To ensure the integrity,
privacy, and security of MSU electronic information, the campus voice, video,
and data network is managed centrally by the Information Technology Center
(ITC). The network includes both wired and wireless components. Any wired or
wireless devices or networks that are connected to the campus network are
considered part of the campus network and are subject to this policy, regardless
of their ownership.
120.00 Purpose
The purpose of this policy
is to ensure the security of MSU data, networks and the devices connected to
those networks by specifying technological and managerial requirements and
recommendations. It is in the best interests of the University that the data,
networks and the devices connected to those networks be protected against
threats to the availability and integrity of the services and information based
on them. Such threats include but are not limited to unauthorized use,
eavesdropping, vandalism (e.g., viruses, worms, Trojan horses), and denial of
service attacks. This policy and associated standards, therefore, state
requirements and recommendations for the secure installation, configuration, and
administration of network-connected devices and infrastructure. Account
maintenance refers to any computer or computing device account that provides
access to network-connected devices and/or resources.
200.00 Policy and Procedure
210:00
Policy
Any device to be connected to the network must be
approved by ITC before it is connected. All network-connected devices must
conform to the required standards cited in the document "Standards for Network
Connectivity at Montana State University"
http://www.montana.edu/itac/campusnetstds.doc, which
is maintained by ITC under the authority of the MSU Information Technology
Advisory Committee (ITAC). Exceptions to this policy may be granted, when judged
appropriate, by the ITC Associate Director for Network Systems and Operations or
the MSU Executive Director for Information Services, and will be formally
communicated to ITAC.
210.00 Scope
Devices covered by this policy include all network-connected,
information technology devices, such as personal computers, printers,
photocopiers, firewalls, servers, routers, switches, and hubs, as well as
network-connected mechanical devices, robots, and laboratory instruments or
any other device connected to the network. Also covered
are cabling, wiring, jack components, and wireless networking devices,
including all network infrastructure components.
220.00 Definition
For purposes of this policy,
"network-connected" indicates devices that are connected by wire, optical fiber,
or wireless means to digital telecommunication networks that are owned and/or
operated by an MSU campus. Exempted from this policy are devices connected to
very small, isolated networks that are (1) managed entirely within individual
academic or administrative departments, (2) do not share network infrastructure
(cabling, electronics) with any other campus network, and (3) are never
connected physically or by wireless means to an MSU campus owned and/or operated
network outside the department.
230.00 Board of Regents Information Technology Policies
The Montana University System Board of Regents has
implemented information technology policies that apply to all public
institutions of higher education within the state of Montana. These policies may
be reviewed at:
http://mus.edu/borpol/bor1300/bor1300.asp
240.00 Freedom from Harassment
All members of the campus community have the right not to
be harassed by the computer or network usage of others. The following activities
constitute harassment (1) intentionally using the computer to annoy, threaten,
intimidate, or offend another person, (2) intentionally using a computer to
interrupt the academic, research, administrative, or related pursuits of
another, and (3) intentionally using the computer to invade the privacy,
academic or otherwise, of another. Related policies may be viewed at:
http://www.montana.edu/wwwaffrm/EO_AA.htm
http://www.montana.edu/wwwitc/docs/compres4.html
250.00
Copyrighted Material
Computer users are
prohibited from copying, storing, or distributing copyrighted material, such as
music, video, etc., in violation of the federal Copyright Act. Related policies
may be viewed at:
http://www2.montana.edu/policy/copyright_infringement/
http://www.montana.edu/wochelp/borpol/bor400/4013.htm
300.00 Acceptance
Any use of an MSU telecommunication network
signifies the user's agreement to adhere to this policy and to these standards.
400.00 Enforcement
410.00 Violations
The information technology department and/or Internal Audit
office will investigate suspected violations of this policy. All operators
of network-connected devices are required to cooperate fully with such
investigations. If suspected violations are seen to pose threats to the security
of the network, to other network-connected devices, or to violate other
university policies, such as fire and electrical code, ITC Departmental Policies
and Procedures, Telecommunication Network Installation Policy 403, etc., the
information technology department may disconnect from
the network any or all devices involved in the violation. Such devices may not
be reconnected to the network until violations are addressed and remedied to
the satisfaction of the information technology department.
420.00 Notification of Suspected Breach
Network users are responsible for promptly reporting
suspected or detected violations of these
standards to the ITC helpdesk unless other departmental procedures are in place.
430.00 Appeals Process
Appeals of decisions made by
the information technology departments at each campus relative to this policy
may be made to the executive at each campus to which the information technology
department reports (for example, at Bozeman this would be the Vice President of
Administration and Finance).
