Use of Computers and Data Communications
Formerly Executive Memorandum 94-109
Initially approved December 12, 1994
Revised December 20, 2002
Administering Office: Office of the Chief Information Officer
The University provides computer access and capabilities through the Office of the
Chief Information Officer and various College and department computer systems. The
University relies heavily upon these systems to meet operational, financial, educational
and informational needs. It is essential that these systems and machines be protected
from misuse and unauthorized access. It is also essential that WCU's computers, computer
systems, and computer networks, as well as the data they store and process, be operated
and maintained in a secure environment and in a responsible manner.
This policy applies to all University computer systems and refers to all hardware,
data, software and communications networks associated with these computers. In particular,
this policy covers computers ranging from multi-user timesharing systems to single
user personal computers, whether free-standing or connected to the network.
In addition to this computer policy, users of these computer systems are subject to
applicable state and federal laws. Computer abuse will be referred to the Chief Information
Officer and/or college or department computer network and laboratory managers. Abuse
involving theft or vandalism will also be reported to the Director of University Police.
Computing resources are valuable, and their abuse can have a far-reaching negative
impact. Computer abuse affects everyone who uses computing facilities. The same moral
and ethical behavior that applies in the non-computing environment applies in the
II. DEFINITION OF TERMS
A. Computer Systems
Computer systems include any personal computer (stand-alone or networked), workstation,
mini-computer or mainframe computer used on this campus or accessible by way of networks
at other locations.
B. Computer Networks
Computer networks include any local or wide area communications systems connecting
above defined computer systems.
C. Network Backbone
Network backbone consists of the primary communications media which connect small
networks and individual terminals, personal computers, workstations, etc., to other
D. Local Area Networking Media
Local area networking media may consist of copper wire, fiber optic cable, thin or
thick wire cable which is used to connect one terminal, personal computer, workstation,
etc., to another or to network interface equipment.
III. COMMON FORMS OF COMPUTER ABUSE
Misuse or abuse of computers, computer systems, computer networks, programs, and data
are prohibited. The following topics are considered areas of abuse:
A. Privacy vs. Open Records
Investigating or reading another user's files is considered the same as reading papers
on someone's desk - a violation of that person's privacy. Reading protected files
without authorization, by whatever mechanism, is a criminal violation.
Western Carolina University reserves the right to examine files, programs, passwords,
accounting information, printouts, or other computing material without notice for
the purpose of investigating possible abuses of this policy. No accurately addressed
and delivered electronic mail will be read by system personnel without the user's
consent except in those situations that are explicitly delineated as exceptions in
the Electronic Communications Privacy Act ("18 U.S.C. 2510,et. seq.").
Violations include, but are not limited to:
- attempting to access another user's computer files without permission;
- supplying or attempting to supply false or misleading information or identification
in order to access another user's account;
- deliberate, unauthorized attempts to access or use University computers, computer
facilities, networks, systems, programs or data;
- the unauthorized manipulation of WCU's computer systems, programs or data.
- the unauthorized capturing of computer network data directly from network backbone
or local area networking media.
Theft includes the stealing of any property of the institution or the State of North
Carolina. Violations include, but are not limited to:
- unauthorized use of university computing resources, including the use of E-mail or
Internet communications, for personal gain or personal purposes;
- using subterfuge to avoid being charged for the use of computer resources;
- deliberate, unauthorized use of another user's account to avoid being billed for the
- abusing specific computer resources such as the INTERNET;
- attempting unauthorized access to computers outside the University using the University's
computers or communications facilities;
- removing any computer equipment (hardware, software, data, etc.) without written authorization;
- copying, or attempting to copy, data or software without proper authorization.
Any user's account, as well as the operating system itself, is a possible target for
vandalism. Attempted or detected alteration of user system software, data or other
files, as well as equipment or resources disruption or destruction, is considered
vandalism. Violations include, but are not limited to:
- sending either mail or a program which will replicate itself or do damage to another
- tampering with or obstructing the operation of the University's computer systems (for
example, attempting to "crash" the system);
- inspecting, modifying, or distributing data or software without proper authorization
or attempting to do so;
- attempting to interfere with the performance of the system;
- damaging computer hardware or software.
D. Copyright Issues
The University owns licenses to a number of proprietary programs. Users who redistribute
software from the computing systems break agreements with its software suppliers,
as well as applicable federal copyright, patent and trade secret laws. Copyright protection
also applies to many resources found on the Internet, including but not limited to,
images, audio and video files, and electronic versions of print materials.
Therefore, the redistribution of any software or other copyrighted materials from
computing systems is strictly prohibited except in the case of software that is clearly
marked as being in the public domain. Violations include, but are not limited to:
- copying, transmitting, or disclosing data, software or documentation without proper
authorization, or attempting to do so.
Harassment of other users may be the sending of unwanted messages or files. Violations
include, but are not limited to:
- interfering with the legitimate work of another user, to include sending of chain
mail or other non-university related messages;
- the sending of abusive or obscene messages via computers;
- the use of computer resources to engage in abuse of computer personnel or other users.
Other uses commonly considered unethical include, but are not limited to, the following:
- unauthorized and time consuming recreational game playing;
- using computer accounts for work not authorized for that account;
- sending chain letters or unauthorized mass mailings;
- using the computer for personal profit, the private benefit of other individuals or
organizations, or for other illegal purposes;
- personal advertisements.
IV. COMPUTER USAGE GUIDELINES
- Users may not engage in any of the common forms of computer abuse listed above.
- Users are to have valid, authorized accounts and may only use those computer resources
that are specifically authorized. Users may only use their account in accordance with
its authorized purpose. Users are responsible for safeguarding their own computer
account. Users should not let another person use their account unless authorized by
the system administrator for a specific purpose. Passwords should be changed often
to ensure that private and secure files are kept secure.
- Users may not change, copy, delete, read, or otherwise access files or software without
permission of the custodian of the files or the system administrator. Users may not
bypass accounting or security mechanisms to circumvent data protection schemes. Users
may not attempt to modify software except when intended to be user customized.
- Users may neither prevent others from accessing the system nor unreasonably slow down
the system by deliberately running wasteful jobs, playing games, engaging in non-productive
or idle chatting, or sending mass mailings or chain letters.
- Users shall assume that any software or file they did not create is copyrighted. They
may neither distribute copyrighted proprietary material without the written consent
of the copyright holder nor violate copyright or patent laws concerning computer software,
documentation or other tangible assets.
- Users must not use the computer systems to violate any rules in the University Staff
Handbook, Faculty and Student Handbooks, or any local, state or federal laws.
- A user shall disclose to the appropriate authorities misuses of computing resources
or potential loopholes in computer systems security and cooperate with the systems
administrator in the investigation of abuses.
In connection with inquiries into possible abuses, the University reserves the right
to examine files, programs, passwords, accounting information, printouts, or other
computing material without notice. Only the Chief Information Officer may authorize
examinations. Whenever such an examination is conducted, the examiner will maintain
an inventory of all items examined.
Abuse or misuse of computing services may not only be a violation of this policy or
user responsibility, but it may also violate the criminal statutes. Therefore, the
University will take appropriate action in response to user abuse or misuse of computing
services. Action may include, but not necessarily be limited to: suspension or revocation
of computing privileges. Access to all computing facilities and systems can, may,
or will be denied; reimbursement to the University for resources consumed; other legal
action including action to recover damages; referral to law enforcement authorities;
computer users (faculty, staff and/or students) will be referred to the appropriate
office for disciplinary action. Students will be referred to the Office of the Vice
Chancellor for Student Affairs.
VI. DISTRIBUTION OF THIS POLICY
The University will insure that all users are aware of the policy by publishing it
in appropriate media designed to reach all faculty, staff and students.