Information Technology Acceptable Use Policy

The purpose of this Acceptable Use policy is to enable Cambrian College (the “College”) to:

• Outline the acceptable use of its information systems, and
• Set rules to protect the College and the College Community.

Inappropriate use exposes the College to risks including virus attacks, compromise of network systems and services, and legal issues. In general, acceptable use covers everything including respecting the rights of other computer users, the integrity of the physical facilities, and all pertinent license and contractual agreements. If an individual is found to be in violation of the Acceptable Use Policy, sanctions may be applied and include, but are not limited to, temporary or permanent revocation of access to some or all of the Information Technology Resources, and legal action according to applicable laws and contractual agreements.

This policy governs the College Community’s use of the College’s Information Technology Resources from any access point, including internal and remote. This policy is applicable to all privately-owned devices connected to the College’s Information Technology Resources.

The College may also take action relating to a User’s use of College or non-College computer resources, either on campus or elsewhere, when such behavior may involve the commission of a crime or poses a danger or threat to others or is in contravention of any College policy.

College Community: Includes all registered students, both full and part-time; all paid employees; and all others associated with the College including Board of Governor members, retirees, volunteers, contractors, suppliers, and such visitors as are granted temporary User status by the College.

Data: Data used in this Policy is characterized by one or more of the following:

• Information that is processed by means of equipment operating automatically in response to instructions given for that purpose,
• Information that is recorded with the intention that it should be processed by means of such equipment,
• Information that is recorded as part of a relevant filing system or with the intention that it should form part of a relevant filing system, and
• Information that does not fall within any of the above but forms part of a readily accessible record covering an individual.
• Data, therefore, includes any digital data generated by a computer or automated equipment and any manual information that is part of a relevant filing system.

Information Technology Resources: Those physical, electronic, or intellectual resources used to produce, convey, transmit, store, analyze, collate, distribute, present, display, etc. Data or information in whatever form (e.g., text, pictorial, graphic, audio, etc.), that typically consist of, but are not limited to: computer hardware and software; networking cables, devices and equipment; applications including browsers, servers, and databases; telecommunications, audio-visual, and telephone equipment; any device that connects to the network and/or the Internet; and, other forms of information technologies that exist today or may be developed in the future.

User: College Community member authorized to have access to certain designated Information Technology Resources.

User Account: A location on the College’s network server used to store a User’s computer username, password, and other information

XaaS: Anything as a service” (XaaS) describes a general category of services related to cloud computing and remote access. It recognizes the vast number of products, tools, and technologies that are now delivered to users as a service over the internet.

1. General
   Computing resources are provided to support the educational, administrative and research tasks of the College and to further the College mission.
   1. Information Technology Resources are valuable College resources shared by the entire College Community. Misuse or wasteful use of these resources threatens the College strategic plan and mission and is not tolerated.
   2. Information Technology Resources may be used only by those individuals of the College Community who are authorized to do so.
   3. Users must comply with all municipal, provincial, federal and other applicable law, including but not limited to the Freedom of Information and Protection of Personal Privacy Act, RSO 1990, c. F.31, the Personal Health Information Protection Act, SO 2004, c. 3, the Personal Information Protection and Electronic Documents Act, SC 2000, c. 5, and the Criminal Code, RSC, 1985, c. C-46, as well as all applicable College policies and procedures.
   4. Members of the College Community are responsible and accountable for their actions and statements in the electronic working and learning environment.
   5. Community members are expected to use reasonable restraint in the consumption of these valuable shared resources, and to use them in ways that do not interfere with the study, work or working environment of other Users.
   6. Users accessing external networks are bound by the policies of these networks. The more restrictive policy of either the College or the external network applies.
   7. While it aims to provide reliable access to computing resources, the College does not warrant that the functions of the resources will meet any User requirements, nor that the resources are error free or uninterrupted.
   8. The College is not liable for any indirect, incidental or consequential damages (including but not limited to lost data, information or profits) sustained or incurred in connection with the use of, operation of, or inability to use the provided Information Technology Resources.
   9. The College reserves the right to remove a User from a computer lab if the User is not part of the class in progress.
   10. All email correspondence with currently registered students will be done via the students College provided email account.
   11. Only the Information Technology Department acquires and maintains all hardware, software, including, but not limited to Anything-as-a-service (XaaS) regardless of cost, services, and other Information Technology Resources used and provided by the College.
2. Acceptable Use of Resources
   1. College Information Technology Resources may be used only for College related activities. For employees, the College does permit limited amounts of personal use of e-mail and Internet access, providing such activity does not interfere with the employee’s work schedule or responsibilities, or the mission of the College.
   2. Users must use Information Technology Resources only for the purposes for which they are authorized. Users may not use Information Technology Resources in any of the following ways:
      1. For private business use of any form for direct personal financial gain.
      2. In a manner that would imply College support for any political party, candidate, position or proposition.
      3. For the creation, transmission, storage, access or viewing of materials which in any way contribute to, support, or promote actions which are prohibited on the basis of harassment and/or discrimination as per College policies. This restriction is not intended to interfere with legitimate and appropriate use for teaching and learning purposes.
      4. For the creation, transmission, storage, access or viewing of materials prohibited by law, or which, in the sole opinion of the College, are offensive by community standards and values. These restrictions include, but are not limited to, the following:
         1. Any form of material supporting or contributing to the harassment or discrimination;
         2. Any form of pornographic, obscene or sexually explicit material; and
         3. Any form of illegal trade, negotiation, or conspiracy to conduct illegal acts.
      5. For the creation, transmission, storage, access or viewing of materials, which the College deems to serve no useful academic or administrative process. These restrictions include, but are not limited to the following:
         1. Communications which denigrate the objectives of the College.
      6. For the purpose of creation, development, storage, replication or transmittal of any program, code, subroutine or other means intended to disrupt, interfere, destroy or corrupt the normal operation of computing systems or data (e.g., viruses, worms, hack utilities).
      7. The College reserves the right to restrict the following:
         1. Online gaming, including but not limited to multi-player internet or local area network games;
         2. Downloading, copying or transmittal of personal use software or any other form of electronic information and materials.
3. Integrity and Security of Resources
   1. Any action or attempt by an individual to subvert or disrupt the intended use or functioning of any Information Technology Resources, or to affect their use or operation in a manner detrimental to other Users, is prohibited.
   2. No User shall deliberately jeopardize the integrity of the College’s Information Technology Resources. Any attempts to bypass system security, or tamper with, or cause damage to, Information Technology Resources is viewed as jeopardizing the functioning of College Information Technology.
   3. The College reserves the right to review any material stored in files and programs on a device connected to Information Technology Resources, and will edit or remove any material which it, in its sole discretion, believes may be unlawful, obscene, abusive or otherwise objectionable.
   4. Users are responsible for any, and all, use of their User Accounts. As such, Users must:
      1. Maintain secure passwords for any, and all, accounts assigned to them;
      2. Ensure and safeguard against others obtaining unauthorized access to their accounts; and
      3. Not share passwords or any other access control information for their User Accounts.
      4. The Information Technology Department reserves the right to delete a student’s email account if unused for more than one (1) year.
   5. Computing activity is centrally monitored. Each User is responsible for the activity conducted under their User Account.
   6. Users must comply with all copyright and license conditions associated with Information Technology Resources. As such, Users:
      1. Must not move, copy or transfer programs, files or other forms of software from one computing system to another without proper authorization to do so.
      2. Must not distribute, sell or make available software to any person where prohibited by copyright or license.
      3. Must not access or use software belonging to, or owned by, the College without proper authorization and license rights.
   7. While the College provides central backup services for central computer systems, College computers are not backed up and are rebuilt on a periodic basis. Users of these networks are responsible for backing up information that they place on these computers and/or utilizing central computer storage areas provided to Users.
4. Confidentiality
   1. Users of Information Technology Resources are expected to be informed of, and comply with, all applicable College policies.
   2. Registered students are expected to use their college provided email account when communicating electronically with the College, including communicating with faculty. Email messages received from the College email system will be treated as legitimate. Students who do not use their college email account for corresponding with the College will be deemed to have not responded.
   3. Generally, with respect to computing User Accounts established for students, faculty, and staff, there is a presumption of privacy. However, if the College suspects an infraction, it will investigate the traffic and files in accordance with the appropriate College policies and in compliance with the law.
   4. Users are responsible for the confidentiality of any restricted data or information for which the College has granted access. As such, Users must:
      1. Ensure confidential information is not shared;
      2. Not leave their devices unattended while logged-on to their User Accounts;
      3. Exercise discretion when printing confidential information;
      4. Not copy, send, duplicate or transmit by any means confidential data from College systems for any purpose other than performance of College-related business.
5. Sanctions
   1. The College may invoke procedures and disciplinary measures in instances of policy violation.
   2. Inappropriate use of the Information Technology Resources is addressed through established employee and student discipline policy and procedures. In addition to the sanctions identified in College policies, sanctions specific to the inappropriate use of Information Technology Resources may be applied and include, but are not limited to, temporary or permanent revocation of access to some or all of the Information Technology Resources, and legal action according to applicable laws and contractual agreements.

Vice President, International, Finance and Administration is responsible for:

• Ensuring the overall quality assurance and access of the Information Technology Resources of the College

Director Information Technology is responsible for:

• Establishing, maintaining and updating the procedures for gaining access to and using the College Information Technology Resources
• Making available to the College Community all such procedures and regulations

College Community is responsible for:

• Complying with the requirements of this policy
• Reporting unacceptable use of College Information Technology Resources