1,707
edits
Line 96: | Line 96: | ||
It is the responsibility of the workforce to utilize the information technology resources in an appropriate manner. Individuals with access to information systems are expected to safeguard resources and maintain appropriate levels of confidentiality in order to protect the integrity of all data and of the interests of the entity.<br /> | It is the responsibility of the workforce to utilize the information technology resources in an appropriate manner. Individuals with access to information systems are expected to safeguard resources and maintain appropriate levels of confidentiality in order to protect the integrity of all data and of the interests of the entity.<br /> | ||
<br /> | <br /> | ||
It is the responsibility of the workforce to protect confidential information at all times including but not limited to when stored electronically (at rest) and when the data is being transferred outside of the facility such as on a mobile device or a diskette (See [ | It is the responsibility of the workforce to protect confidential information at all times including but not limited to when stored electronically (at rest) and when the data is being transferred outside of the facility such as on a mobile device or a diskette (See [https://info.unmc.edu/its-security/policies/procedures/enduser.html ITS Security Procedure: End User Device]).<br />UNMC’s information technology resources are to be used predominately for completing UNMC work related business. Misuse of University information systems is prohibited. Misuse includes the following (see Executive Memorandum No. 16, [http://nebraska.edu/docs/president/16%20Responsible%20Use%20of%20Computers%20and%20Info%20Systems.pdf Policy for Responsible Use of Information Resources]) | ||
<br /> | <br /> | ||
#Attempting to modify or remove computer equipment, software, or peripherals without proper authorization. | #Attempting to modify or remove computer equipment, software, or peripherals without proper authorization. | ||
#Accessing without proper authorization computers, software, information or networks which the University belongs, regardless of whether the resource accessed is owned by the University or the abuse takes place from a non-University site. | #Accessing without proper authorization computers, software, information or networks which the University belongs, regardless of whether the resource accessed is owned by the University or the abuse takes place from a non-University site. | ||
Line 123: | Line 123: | ||
Persons using UNMC's information technology facilities and services bear the primary responsibility for the material they choose to access, send or display. It is a violation to access and view materials which would create the existence of a sexually hostile working, patient care, or educational environment.<br /> | Persons using UNMC's information technology facilities and services bear the primary responsibility for the material they choose to access, send or display. It is a violation to access and view materials which would create the existence of a sexually hostile working, patient care, or educational environment.<br /> | ||
<br /> | <br /> | ||
It is the workforce‘s responsibility to notify ITS when an information security incident appears to have happened. (See [ | It is the workforce‘s responsibility to notify ITS when an information security incident appears to have happened. (See [https://info.unmc.edu/its-security/policies/procedures/incident-reporting.html ITS Security Procedure: Information Security Incident Reporting and Response]). A security incident includes, but is not limited to the following events, regardless of platform or computer environment: | ||
#Evidence of tampering with data | #Evidence of tampering with data | ||
#System is overloaded to the point that no activity can be performed (Denial of service attack on the network) | #System is overloaded to the point that no activity can be performed (Denial of service attack on the network) |