Acceptable Uses of IT Infrastructure and Resources-Policy Statement

1. User Responsibilities and Statement of Prohibited Uses

A.Spirit of Use

Only authorized Users have the privilege to access and use the IT Resources. Access and use is limited to the purposes that are consistent with the instructional, research, and administrative goals of the University.

Users are expected to uphold the standards and principles of the University while using the IT Resources and are required to respect the rights of others at all times. Users are prohibited from using any portion of the IT Resources to post or transmit any information, including data, text, files, links, software, chat, collaboration, communication, or other content (Content) that is abusive, disparaging, discriminatory, hostile, combative, threatening, harassing, intimidating, defamatory, pornographic, or obscene. Users who do not respect the Spirit of Use of IT Resources may be held in violation of this policy.

B.User Names

The University recognizes that common practice in computing, online or otherwise, involves use of a “user name”, “login”, “AccessIT ID”, or “screen name” (collectively, “user name”) that may be different from the User’s legal name. Using someone else’s name or assuming someone else’s identity without appropriate authorization, however, is a violation of the University’s principles and this policy.

Users may not use the IT Resources under false name, identification, email address, signature, or other medium of any person or entity without proper authorization. The University prohibits such use of a User name for the purposes of misrepresentation or an attempt to avoid legal or other obligations. Any such unethical use may constitute a violation of this policy.

C.Passwords

When choosing a password for access to the IT Resources, or portions thereof, Users are must adhere to the following rules so as to prevent unauthorized access through any User’s password.

  1. Use a different password for each account; and
  2. Do not write down your password(s) on a piece of paper or record them in a file.
  3. Users should avoid using:
    1. Birth dates;
    2. Names (First, Last, or any combination);
    3. Unaltered words that could be found in a dictionary, including non-English words, and words spelled backwards;
    4. Telephone numbers;
    5. Social Security numbers;
    6. Fordham Identification Numbers (FIDN);
    7. Famous or other proper names; and
    8. Alphabet or keyboard sequences (e.g. “QWERTY”).

When using Fordham’s AccessIT ID, your password must meet the following criteria:

  1. Your password must be 8 characters or more;
  2. Your password must contain at least 1 numeric;
  3. Your password must contain at least 1 uppercase and 1 lowercase character;
  4. Your password must not be reused; and
  5. Your password must not contain any of the following special characters: @& /
  6. You should change your password every 180 days.

Users should not have an expectation of privacy in content either located in the University’s IT Resources or the User’s own system, whether that content is protected by a user name and password, or otherwise.

D.Additional Responsibilities

All Users must fully comply with the standards and responsibilities of acceptable use as outlined in:

  1. All applicable provisions of the University Code of Conduct, employee handbooks and agreements, student handbooks and other policies and procedures established by the undergraduate, graduate, and professional schools of the University;
  2. This IT Policy in its entirety including the related policies as defined in the Related Policies and Procedures section;
  3. All local, state, federal, and international laws;
  4. All application and/or software license agreements acquired by the University and its authorized units;
  5. All applicable University policies and procedures including sexual harassment, academic dishonesty, scientific misconduct, and non-discrimination; and
  6. The legal and educational standards of software use as published in the EDUCOM Code.

Users must adhere to the following responsibilities:

  1. Self-policing of passwords and access codes as set forth above;
  2. Respecting authorial integrity and the intellectual property rights of others;
  3. Respecting and protecting the confidentiality, integrity, and availability of all University IT Resources;
  4. Ensuring that all data and files that the User accesses, transmits, and/or downloads are free from any computer code, file, or program which could damage, disrupt, expose to unauthorized access, or place excessive load on any computer system, network, or other IT Resource;
  5. Reporting any security risk or code, file, or program, including computer viruses, Trojan Horses, worms, or any other malware that affects any IT Resource including any owned or operated by the User; and
  6. Properly backing up appropriate User systems, software, and data.

 

E.Additional Prohibited Uses

Users are prohibited from accessing or using the IT Resources in the following manners:

  1. Initiating or participating in unauthorized mass mailings to news groups, mailing lists, or individuals, including, but not limited to, chain letters, unsolicited commercial email (commonly known as “spam”), floods, and bombs;
  2. Giving others, by password or other means, unauthorized access to any User account or the IT Resources;
  3. Seeking to, without authorization, wrongly access, improperly use, interfere with, dismantle, disrupt, destroy, or prevent access to, any portion of the IT Resources including User or network accounts;
  4. Violating or otherwise compromising the privacy, or any other personal or property right, of other Users or third parties through use of the IT Resources;
  5. Disguising or attempting to disguise the identity of the account or other IT Resource being used including “spoofing” resource addresses, impersonating any other person or entity, or misrepresenting affiliation with any other person or entity;
  6. Using the IT Resources to gain or attempt to gain unauthorized access to networks and/or computer systems;
  7. Engaging in conduct constituting wasteful use of IT Resources or which unfairly monopolizes them to the exclusion of others;
  8. Engaging in conduct that results in interference or degradation of controls and security of the IT Resources;
  9. Unless expressly authorized by the University in writing, exploiting or otherwise using the IT Resources for any commercial purpose;
  10. Engaging in computer crimes or other prohibited acts;
  11. Intentionally or unintentionally violating any applicable local, state, federal, or international law;
  12. Knowingly or negligently running, installing, uploading, posting, emailing, or otherwise transmitting any computer code, file, or program, including, but not limited to, computer viruses, Trojan horses, worms, or any other malware, which damages, exposes to unauthorized access, disrupts, or places excessive load on any computer system, network, or other IT Resource; and
  13. Using any IT Resource, including email or other communication system to intimidate, insult, embarrass, or harass others; to interfere unreasonably with an individual’s work, research, or educational performance; or to create a hostile or offensive environment.

 

Periodically, the University will conduct information sessions to present, or provide through official communications, specific examples of inappropriate uses of the IT Resources. In the interest of creating a well-informed User community, the University also encourages questions about proper use. Please direct inquiries to Fordham IT Customer Care at (718) 817-3999, or the Office of Legal Counsel at (718) 817-3110.