1,707
edits
Line 96: | Line 96: | ||
It is the responsibility of the workforce to utilize the information technology resources in an appropriate manner. Individuals with access to information systems are expected to safeguard resources and maintain appropriate levels of confidentiality in order to protect the integrity of all data and of the interests of the entity.<br /> | It is the responsibility of the workforce to utilize the information technology resources in an appropriate manner. Individuals with access to information systems are expected to safeguard resources and maintain appropriate levels of confidentiality in order to protect the integrity of all data and of the interests of the entity.<br /> | ||
<br /> | <br /> | ||
It is the responsibility of the workforce to protect confidential information at all times including but not limited to when stored electronically (at rest) and when the data is being transferred outside of the facility such as on a mobile device or a diskette (See [http://www.unmc.edu/its/ | It is the responsibility of the workforce to protect confidential information at all times including but not limited to when stored electronically (at rest) and when the data is being transferred outside of the facility such as on a mobile device or a diskette (See [http://www.unmc.edu/its/security/procedures/enduser.html ITS Security Procedure: End User Device]).<br /> | ||
<br /> | <br /> | ||
UNMC’s information technology resources are to be used predominately for completing UNMC work related business. Misuse of University information systems is prohibited. Misuse includes the following (see Executive Memorandum No. 16, [http://nebraska.edu/docs/president/16%20Responsible%20Use%20of%20Computers%20and%20Info%20Systems.pdf Policy for Responsible Use of Information Resources]) | UNMC’s information technology resources are to be used predominately for completing UNMC work related business. Misuse of University information systems is prohibited. Misuse includes the following (see Executive Memorandum No. 16, [http://nebraska.edu/docs/president/16%20Responsible%20Use%20of%20Computers%20and%20Info%20Systems.pdf Policy for Responsible Use of Information Resources]) | ||
Line 123: | Line 123: | ||
Persons using UNMC's information technology facilities and services bear the primary responsibility for the material they choose to access, send or display. It is a violation to access and view materials which would create the existence of a sexually hostile working, patient care, or educational environment.<br /> | Persons using UNMC's information technology facilities and services bear the primary responsibility for the material they choose to access, send or display. It is a violation to access and view materials which would create the existence of a sexually hostile working, patient care, or educational environment.<br /> | ||
<br /> | <br /> | ||
It is the workforce‘s responsibility to notify ITS when an information security incident appears to have happened. (See [http://www.unmc.edu/its/ | It is the workforce‘s responsibility to notify ITS when an information security incident appears to have happened. (See [http://www.unmc.edu/its/security/procedures/incident-reporting.html ITS Security Procedure: Information Security Incident Reporting and Response]). A security incident includes, but is not limited to the following events, regardless of platform or computer environment: | ||
#Evidence of tampering with data | #Evidence of tampering with data | ||
#System is overloaded to the point that no activity can be performed (Denial of service attack on the network) | #System is overloaded to the point that no activity can be performed (Denial of service attack on the network) | ||
Line 134: | Line 134: | ||
#Other incidents that could undermine confidence and trust in the UNMC’s information technology systems | #Other incidents that could undermine confidence and trust in the UNMC’s information technology systems | ||
ITS or other personnel must take immediate action to mitigate any threats that have the potential to pose a serious risk to campus information system resources. If the threat is deemed serious enough, the system(s) or individual posing the threat will be blocked from network access. Communication with department leadership regarding such action will take place as soon as possible. The block will be removed as soon as the threat has been repaired. (See UNMC ITS Security Procedure: Information Security Incident Reporting and Response) | ITS or other personnel must take immediate action to mitigate any threats that have the potential to pose a serious risk to campus information system resources. If the threat is deemed serious enough, the system(s) or individual posing the threat will be blocked from network access. Communication with department leadership regarding such action will take place as soon as possible. The block will be removed as soon as the threat has been repaired. (See UNMC ITS Security Procedure: Information Security Incident Reporting and Response) | ||
===Copyright=== | ===Copyright=== | ||
UNMC maintains strict compliance with the Digital Millennium Copyright Act of 1998 and applicable amendments. It should be noted that traditionally a user purchases a software “license,” which is a right to use. Many times the licenses can only be loaded on one machine. Violating any software license or copyright is in violation of university policy. | UNMC maintains strict compliance with the Digital Millennium Copyright Act of 1998 and applicable amendments. It should be noted that traditionally a user purchases a software “license,” which is a right to use. Many times the licenses can only be loaded on one machine. Violating any software license or copyright is in violation of university policy. |