Acceptable Use Policy

Overview

DePaul University provides an array of Computing Resources to students, faculty, staff, and guests of the University community. These Computing Resources include, but are not limited to electronic mail systems, Web hosting, network storage space, and Internet connectivity as well as various physical resources such as university-owned computers, network cabling, wireless access points, computer workstations, kiosks, card swipes, printers, audio-visual equipment, telephone/FAX equipment, computer room equipment or wiring closets. Computing Resources are needed to, among other things, provide educational experiences, perform research and development, conduct business activities, and provide cost-effective communication.

This Policy is intended to encourage, rather than discourage, the use of Computing Resources at DePaul University by providing a framework for acceptable use.

DePaul University deeply values the privacy rights of all individuals using its Computing Resources. As a matter of usual business practice, DePaul does not routinely monitor individual usage of its Computing Resources. Nonetheless, users should be aware that all Computing Resources are the property of DePaul. As such, Information Services may access and monitor Computing Resources and any information stored on or transmitted through those Computing Resources, but only in accordance with applicable laws, for legitimate business purposes including, but not limited to, system monitoring and maintenance, complying with legal requirements, and administering this or other DePaul policies. Users who wish to maintain absolute privacy of information should transmit and store that information on and through media other than DePaul University Computing Resources. Further, in order to protect systems on the DePaul network, Information Services may, without prior notice if deemed necessary, remove compromised machines from the network, block malicious traffic from entering the network, and/or prohibit machines within DePaul's network from connecting to known malicious outside entities.

Acceptable Use

Computing Resources at DePaul shall be used only for legitimate educational and business purposes. Limited personal use of Computing Resources by students, staff, and faculty is permissible if it does not violate this Policy or other University policies, or otherwise interfere with the legitimate education and business purposes of DePaul.

Violations of Acceptable Use

Violations of this Policy include, but are not limited to:

a) Illegal Use

Using Computing Resources to upload, transmit, post, or store any material or data that, intentionally or unintentionally, violates any applicable local, state, national or international law, or violates the rules, policies, or procedures of the University or any University department is prohibited.

b) Harmful Action Towards Minors

Using Computing Resources to harm, or attempt to harm, any minor or group of minors is prohibited.

c) Threats or Harassment

Using Computing Resources to transmit material or data that causes or encourages physical or intellectual abuse, damage or destruction of property, or that causes or encourages harassment, explicit or implied is prohibited.

d) Forgery or Impersonation

Falsifying or removing identifying information on Computing Resources with intent to deceive or misguide is prohibited. Impersonation of other persons or groups with intent to harm is prohibited.

e) Unsolicited Electronic Mail

Using Computing Resources to transmit any material in the form of unsolicited electronic mail/unsolicited commercial exchange; unconfirmed e-mail address subscription to mailing lists; or the subscription of e-mail addresses to mailing lists without explicit options to unsubscribe is prohibited.

f) Fraudulent Activity

Using Computing Resources to transmit material or communications to promote a financial scam or wrongdoing is prohibited.

g) Unauthorized Access, Threat Assessments or Penetration Attempts

Unauthorized access, threat assessments or penetration attempts of Computing Resources, or remote entity using DePaul University Computing Resources, is prohibited. Security assessments performed by authorized University personnel, authorized parties outside the University, or research conducted in a research and development environment disconnected from the University network and Internet, may be permitted with express University permission.

h) Intercepting Communications

The use of packet sniffers, password capture applications, keystroke loggers and any other tools that perform such similar behavior or any form of network wiretapping on Computing Resources is prohibited. The use of such tools to analyze or mitigate ongoing security violations may be permitted when conducted by authorized University personnel.

i) Collection of Data

The unauthorized collection of personal or University data without prior consent is prohibited by this and other University policies.

j) Reselling Services

Reselling, leasing or sharing University Computing Resources, including network access, electronic mail, Web hosting, file storage or processing time, without expressed consent of the University, is prohibited. The hosting of web servers or other Internet services which perform commercial activity is also prohibited.

k) Service Interruptions

Using Computing Resources to permit or promote activity which adversely affects the integrity or performance of Computing Resources is prohibited. Denial of service attacks, forged packet transmission and similar actions, without express permission of the University, are prohibited.

l) Physical Security

Unauthorized access to, destruction or alteration of, theft, damage or tampering of any physical Computing Resources, including network cabling, wireless access points, computer workstations, kiosks, card swipes, printers, audio-visual equipment, telephone/FAX equipment, computer room equipment or wiring closets is prohibited.

m) Copyright and Trademark Infringement

Transmitting, uploading, or storing any material that infringes upon an existing copyright, trademark, patent, trade secret or other legal right using Computing Resources is prohibited.

n) Transferring of Use

Permission to use Computing Resources is granted to individuals and may not be transferred to other individuals. Sharing of a user ID/password assigned to an individual is expressly prohibited. Use of another user's ID or seeking to access another user's account is prohibited. Similarly, individuals may not use their user IDs to provide access to DePaul's wireless network to other individuals.

o) Interference with or Transmission of Wireless Signals

Interfering with DePaul's wireless networks or attaching a device to transmit a DePaul network is strictly prohibited.

p) Unapproved Network Services.

Running network service software, which may disrupt DePaul network services is prohibited. The following are examples of prohibited services:

DHCP servers

DNS servers

Services which perform IP masquerading or NAT services

Routers and wireless access points

q) Circumvention of controls

Circumventing security controls or exploiting vulnerabilities at DePaul or at any other network from DePaul equipment or network is prohibited. Gaining access by exceeding the limits of assigned authorization is likewise prohibited.