Acceptable Use of Information Technology Policy

Policy Overview

Cummings Graduate Institute’s intentions for publishing an Acceptable Use of Information Technology Policy are not to impose restrictions that are contrary to the Institute’s established culture of openness, trust and integrity. The Cummings Graduate Institute is committed to protecting the employees, partners and the company from illegal or damaging actions by individuals, either knowingly or unknowingly.

Internet/Intranet/Extranet-related systems, including but not limited to computer equipment, software, operating systems, storage media, network accounts providing electronic mail, web browsing, and FTP, are the property of the Institute. These systems are to be used for business purposes in serving the interests of the company, and of our faculty and students in the course of normal operations.

Effective security is a team effort involving the participation and support of every Institute employee and affiliate who deals with information and/or information systems. It is the responsibility of every computer user to know these guidelines, and to conduct their activities accordingly.

The scope of this policy includes any and all use of institutional IT resources, including but not limited to, the student and faculty portals, computer systems, phones, email, the network, network resources, and the institution’s Internet and Intranet connections.

Cummings Graduate Institute recognizes that use of email and the Internet make communication more efficient and effective. However, Internet service and email are valuable, costly resources and their purpose is to facilitate educational business. Irresponsible use reduces their availability for critical business operations, compromises security and network integrity, and leaves the institution open to potentially damaging litigation. All use of Cummings Graduate Institute IT resources must be in support of business, education, and research consistent with the purposes of the institution. This policy discusses acceptable usage for computers, email, and the Internet.

Restrictions and Prohibitions on Use and Access

The following activities are strictly prohibited, with no exceptions. If any doubt exists as to what these activities are, please get in contact with the CEO or COO.

  • Violations of the rights of any person or company protected by copyright, trade secret, patent or other intellectual property, or similar laws or regulations, including, but not limited to, the installation or distribution of "pirated" or other software products that are not appropriately licensed for use by the Institute.
  • Unauthorized copying of copyrighted material including, but not limited to, digitization and distribution of photographs from magazines, books or other copyrighted sources, copyrighted music, and the installation of any copyrighted software for which the Institute or the end user does not have an active license is strictly prohibited. See the Copyright Policy in Staff/Faculty Handbook for further reference.
  • Accessing data, a server or an account for any purpose other than conducting Institute business, even with authorized access, is prohibited.
  • Exporting software, technical information, encryption software or technology, in violation of international or regional export control laws, is illegal. The IT Director should be consulted prior to export of any material that is in question.
  • Introduction of malicious programs into the network or server (e.g., viruses, worms, Trojan horses, email bombs, etc.).
  • Revealing an account password to others or allowing the use of any Institute account by others. This includes family and other household members when work is being done at home.
  • Using an Institute computing asset to actively engage in procuring or transmitting material that is in violation of sexual harassment or hostile workplace laws in the user's local jurisdiction.
  • Making fraudulent offers of products, items, or services originating from any Institute account.
  • Making statements about warranty, expressly or implied, unless it is a part of normal job duties.
  • Effecting security breaches or disruptions of network communication. Security breaches include, but are not limited to, accessing data of which the employee is not an intended recipient or logging into a server or account that the employee is not expressly authorized to access, unless these duties are within the scope of regular duties. For purposes of this section, "disruption" includes, but is not limited to, network sniffing, pinged floods, packet spoofing, denial of service, and forged routing information for malicious purposes.
  • Port scanning or security scanning is expressly prohibited unless prior notification to the Institute is made.
  • Executing any form of network monitoring which will intercept data not intended for the employee's host, unless this activity is a part of the employee's normal job/duty.
  • Circumventing user authentication or security of any host, network or account.
  • Introducing honeypots, honeynets, or similar technology on the Institute network.
  • Interfering with or denying service to any user other than the employee's host (for example, denial of service attack).
  • Using any program/script/command, or sending messages of any kind, with the intent to interfere with, or disable, a user's terminal session, by any means, locally or via the Internet/Intranet/Extranet.
  • Providing information about, or lists of, the Institute employees or students to parties outside the Institute.
  • Accessing obscene or pornographic material. An exception to this provision would be accessing such material for legitimate academic purposes directly related to the course content and exemption must be received from the Director. Under no circumstances shall child pornography be accessed.

When utilizing IT resources, all institutional policies are in effect at all times. Any student, staff member, or faculty member who abuses the privilege of Cummings Graduate Institute facilitated access to student or faculty portals, email, or the Internet may be denied access to and, if appropriate, be subject to disciplinary action, up to and including termination or dismissal from the institution.

Policy Responsibility

Staff, Faculty, and Student Responsibility

It is the responsibility of all staff, faculty, and students to abide by the Acceptable Use of Information Technology Policy.

IT Department

It is the responsibility of the IT Department to notify the CEO and/or COO if technology is being used inappropriately.

Policy Procedure

If a staff, faculty, or student break the Acceptable Use of Information Technology, it will be reported to the CEO or COO. The CEO and/or COO will then investigate the situation and depending on the individual circumstance, will take appropriate actions.

Forms

At this time, there are no student forms associated with this policy.

Approvals/Revision History

Policy was revised on: June 13th, 2020

Policy was approved by: Amanda Harrison, Chief Operating Officer


Testimonials

ACCREDITATION & AFFILIATES









Partners