This document establishes specific requirements for the use of all computing and network resources at Portland Community College and applies to all users of computing resources owned or managed by Portland Community College (PCC).
The computing resources at Portland Community College support the educational, instructional, research, and administrative activities of the College and the use of these resources is a privilege that is extended to members of the PCC community as well as the Portland City non-profit agencies. As a user of these services and facilities, you have access to valuable College resources, to sensitive data, and to internal and external networks. Consequently, it is important for you to use the facilities in a responsible, ethical, and legal manner.
In general, acceptable use means respecting the rights of other computer users, the integrity of the physical facilities and all pertinent license and contractual agreements. If an individual is found to be in violation of the Acceptable Use Policy, the College can take action, including the restriction and possible loss of network privileges. Individuals are also subject to federal, state and local laws and regulations governing computer and network use as well as interactions that occur on the Internet. These policies and laws are subject to change pending state and federal policy and laws as they develop.
Portland Community College’s (PCC) intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to PCC’s established culture of openness, trust and integrity. Portland Community College is committed to protecting PCC's students, employees, partners and the college as a whole from illegal or damaging actions by individuals, either knowingly or unknowingly.
All network related systems, including but not limited to computer equipment, software, operating systems, storage media, network accounts providing electronic mail, WWW browsing, and FTP, are the property of PCC. These systems are to be used for legal purposes in the course of normal operations.
Effective security involves the participation and support of every PCC student, employee, community partner and affiliate who deals with information and/or information systems. It is the responsibility of every computer user to know these guidelines, and to conduct their activities accordingly.
2. Policy Purpose
The purpose of this policy is to outline the acceptable use of computer equipment at Portland Community College (PCC). These rules are in place to protect both the user and PCC as an entity. Inappropriate use exposes PCC to risks including virus attacks, compromise of network systems, services and legal issues.
This policy applies to the use of information, electronic and computing devices, and network resources to conduct PCC business or interact with internal networks and business systems, whether owned or leased by PCC, the employee, or a third party. All employees, contractors, consultants, temporary, and other workers at PCC and its subsidiaries are responsible for exercising good judgment regarding appropriate use of information, electronic devices, and network resources in accordance with PCC policies and standards, and local laws and regulation. Exceptions to this policy are documented in section 5.2. This policy applies to all equipment that is owned or leased by PCC.
4.1 General Use and Ownership
4.1.1 PCC proprietary information stored on electronic and computing devices whether owned or leased by PCC, the employee or a third party, remains the sole property of PCC. You must ensure through legal or technical means that proprietary information is protected in accordance with the Data Protection Standard.
4.1.2 You have a responsibility to promptly report the theft, loss or unauthorized disclosure of PCC proprietary information.
4.1.3 You may access, use or share PCC proprietary information only to the extent it is authorized for your specific use case as a student, employee, vendor or community member.
4.1.4 PCC Employees are responsible for exercising good judgment regarding the reasonableness of personal use.
4.1.5 For security and network maintenance purposes, authorized individuals within PCC may monitor equipment, systems and network traffic and/or data at any time, per Portland Community College’s Information Security Policy.
4.1.6 PCC reserves the right to audit networks and systems on a periodic basis to ensure compliance with this policy.
4.2 Security and Proprietary Information
4.2.1 All computing and mobile devices that connect to the PCC network must comply with the acceptable use case Policy.
4.2.2 System level and user level passwords must comply with the Password Policy. Providing access to another individual, either deliberately or through failure to secure its access, is prohibited.
4.2.3 All computing devices must be secured and locked or logged off when the device is unattended.
4.2.4 Users must use extreme caution when opening e-mail attachments received from unknown senders, which may contain malware.
4.3 Unacceptable Use
The following activities are, in general, prohibited.
The lists below are by no means exhaustive, but attempt to provide a framework for activities which fall into the category of unacceptable use.
4.3.1 System and Network Activities
The following activities are strictly prohibited, with no exceptions:
- Violations of the rights of any person or company protected by copyright, trade secret, patent or other intellectual property, or similar laws or regulations, including, but not limited to, the installation or distribution of "pirated" or other software products that are not appropriately licensed for use by PCC.
- Unauthorized copying of copyrighted material including, but not limited to, digitization and distribution of photographs from magazines, books or other copyrighted sources, copyrighted music, and the installation of any copyrighted software for which PCC or the end user does not have an active license is strictly prohibited.
- Accessing data, a server or an account for any purpose other than conducting PCC business, even if you have authorized access, is prohibited.
- Exporting software, technical information, encryption software or technology, in violation of international or regional export control laws, is illegal. The appropriate management should be consulted prior to export of any material that is in question.
- Introduction of malicious programs into the network or server (e.g., viruses, worms, Trojan horses, etc.).
- Revealing your account password to others or allowing use of your account by others is prohibited.
- Using a PCC computing asset to actively engage in procuring or transmitting material that is in violation of sexual harassment or hostile laws in the user's local jurisdiction.
- Making fraudulent offers of products, items, or services originating from any PCC account.
- Making statements about warranty, expressly or implied, unless it is a part of normal job duties.
- Effecting security breaches or disruptions of network communication. Security breaches include, but are not limited to, accessing data of which the employee is not an intended recipient or logging into a server or account that the employee is not expressly authorized to access, unless these duties are within the scope of regular duties. For purposes of this section, "disruption" includes, but is not limited to, network sniffing, pinged floods, packet spoofing, denial of service, and forged routing information for malicious purposes.
- Port scanning or security scanning is expressly prohibited unless prior notification to Portland Community College is made.
- Executing any form of network monitoring which will intercept data not intended for the user host, unless this activity is a part of the employee's normal job/duty.
- Circumventing user authentication or security of any host, network or account.
- Interfering with or denying service to any user other than the employee's host (for example, denial of service attack).
- Using any program/script/command, or sending messages of any kind, with the intent to interfere with, or disable, a user's terminal session, via any means, locally or via the Internet/Intranet/Extranet.
4.3.2 Email and Communication Activities
- Sending unsolicited email messages, including the sending of "junk mail" or other advertising material to individuals who did not specifically request such material (email spam).
- Any form of harassment via email, telephone or texting, whether through language, frequency, or size of messages.
- Solicitation of email for any other email address, other than that of the poster's account, with the intent to harass or to collect replies.
- Use of unsolicited email originating from within PCC's networks of other Internet/Intranet/Extranet service providers on behalf of, or to advertise, any service hosted by PCC or connected via PCC's network.
- Posting the same or similar non-business-related messages to large numbers of Usenet newsgroups (newsgroup spam).
4.3.3 Blogging and Social Media
- Blogging by users, whether using PCC’s property and systems or personal computer systems, is also subject to the terms and restrictions set forth in this Policy. Limited and occasional use of PCC’s systems to engage in blogging is acceptable, provided that it is done in a professional and responsible manner, does not otherwise violate PCC’s policy, is not detrimental to PCC’s best interests, and is compliant with local laws. Blogging from PCC’s systems is also subject to monitoring.
- PCC’s Confidential Information policy also applies to blogging. As such, users are prohibited from revealing any PCC related confidential or proprietary information.
- Users are prohibited from making any discriminatory, disparaging, defamatory or harassing comments when blogging or otherwise engaging in any conduct prohibited by PCC’s Non-Discrimination and Anti-Harassment policy.
- Apart from following all laws pertaining to the handling and disclosure of copyrighted or export controlled materials, PCC’s trademarks, logos and any other PCC intellectual property may also not be used in connection with any blogging activity
5. Policy Compliance
5.1 Compliance Measurement
The Portland Community College team will verify compliance to this policy through various methods, including but not limited to, Network Operating Center’s business tool reports, internal and external audits, and feedback to the policy owner.
Any exception to this use case policy must be approved by the Portland Community College CIO in advance.
If an individual is found to be in violation of the Acceptable Use Policy, the PCC can take action, including the restriction and possible loss of network privileges. Individuals are also subject to federal, state and local laws and regulations governing computer and network use as well as interactions that occur on the Internet.
PCC provides wireless network access for internet use only. Use of these WiFi networks are covered by this computer use policy and acceptance of this is required for access.
PCC provides public access computing in designated areas only. Use of these public computers is subject to this computer use policy and all public users must comply with all requests and instructions from the lab assistant and or designated facilitator.
Student Accounts and Data
Student accounts (lab use and email accounts) are created at the beginning of each semester for all new and currently enrolled students. Student email accounts are deleted after two consecutive semesters of non-enrollment or at the request of the student. Students are encouraged to backup important data to alternate storage type drives.
The primary purpose of the computer labs is to allow PCC students and guests a place for computer-based learning and related research. As such, the following guidelines should be followed while in the computer labs:
- Be considerate of other users. The labs are intended to be places of study and academic work and every effort is made to maintain this environment. If conversation is necessary for your work, please do so quietly. Acceptable noise volume levels will be at the discretion of the computer lab assistant or instructor on duty.
- Cell phone conversations are prohibited in the labs. Please use cell phones outside the lab.
- Music or other audio should not be audible to other patrons or the lab assistant. Please use headphones in the labs. If others can still hear your audio content, you will be asked to turn the volume down.
- Children are not allowed unless accompanied by an adult. Children are not to be left unattended anywhere on campus. Please be aware that computers in the labs have full access to the Internet and there are no content filters to prevent children from accessing or viewing inappropriate materials.
- No food or drink in labs.
- Password sharing and logging in for other users is prohibited.
- Students, employees and guests are not allowed to install software or otherwise tamper with the hardware or software of the lab computers.
- Printing in the computer labs will be limited per student account. Access to and volume of printing is also at the discretion of the lab assistant or instructor.
- Accessibility stations are reserved for users with special requirements. You may use one if it is available, but you will be asked to relocate if a user with special needs is present.
- Dispose of any trash in the waste receptacles provided.
- Comply with all requests and instructions from the lab assistant. Should you have an issue with any request being made of you, please request to speak to a supervisor.
Acceptable Use Listed
- You may use only the computers, computer accounts, and computer files for which you have authorization.
- You may not use another individual’s account or attempt to capture or guess other users’ passwords.
- You are individually responsible for appropriate use of your computer, account and all resources assigned to you.
- The college is bound by its contractual and license agreements respecting certain third party resources; you are expected to comply with all such agreements when using such resources.
- You should make a reasonable effort to protect your passwords and to secure resources against unauthorized use or access.
- You must not attempt to access restricted portions of the network, individual computers, or attempt to monitor network traffic without approval of Computer Services.
- You must not develop or use programs, software, or processes that disrupt other computer or network users, or that damage or degrade performance, software, or hardware components of a system.
Unacceptable Use Listed
- Users may not use the campus computing or network services to transmit or display information which:
- Violates or infringes on the rights of another person, including the right of privacy.
- Contains defamatory, false, inaccurate, abusive, obscene, pornographic, profane, sexually oriented, threatening, racially offensive, or otherwise biased, discriminatory, or illegal material.
- Restricts or inhibits other users from using the PCC network system or the efficiency of the computer systems.
- Uses the system for any illegal purpose.
- Users may not illegally share or obtain copyrighted material
- Users may not use computing and network services for uses that are inconsistent, incompatible, or in conflict with state or federal law or PCC information security policy.
- Users must respect the privacy of other users, including others digital property.
- Users may not share their password with others or let others use their account.
- Users must not intentionally disrupt the campus computing system or obstruct the work of other users such as by interfering with the accounts of others, introducing or spreading viruses or other destructive programs on computers or the network, sending chain letters or blanket e-mail messages, or knowingly consuming inordinately large amounts of system resources.
IT Director, Technical Services Division
|Draft/Initial publication of document|
Consequences for Misuse of PCC's Electronic Information Resources are covered in...
- Email Usage and Retention Standards - Governs use of PCC's Electronic Mail System (email)
- Information Classification Standard - PCC's information security policies and standards.
Eligible Users are Faculty, Staff and Students who have been granted access to specific Electronic Resources. This does not include spouses, children, significant others et al. Faculty, staff and students will be held responsible for actions taken by others who use their access.