American University of Sharjah
American University of Sharjah

IT Services

Information technology

IT Policies

Prohibited Acts and Proper Resource Utilization

The Department of Information Technology (IT) is neither an investigative nor a disciplinary entity in its primary responsibilities. However, in cases where university resources and privileges are abused or otherwise threatened, the department may be asked to take appropriate steps. Immediate revocation of access and subsequent prosecution by the authorities, for example, might be directed. Such revocation may be appealed to the IT committee.

Another example would be to both discipline and hold accountable an individual who damages IT resources. Improper access or modification of AUS information in a computer system may also bring a stiff penalty.

Prohibited acts include but are not limited to the following:

1. Intentional denial of computing service to other users.

2. Exploitation of insecure accounts or resources.

3. Attempting to guess, crack or otherwise determine another user's password.

4. Interception of network transmissions with hardware or software "sniffers."

5. Forging of electronic mail or electronic news or otherwise misrepresent themselves or other individuals in any electronic communication.

6. System administrators are not to use their access to examine the private information of other users except in the course of resolving problems and where access to such information is necessary. In these cases, IT staff are required to seek permission and oversight.

7. IT staff may not transfer resources (hardware, software, documentation, etc.) from designated locations without the explicit permission of their supervisor. University Services Department shall be notified of the movement and shall update the employee's inventory record accordingly.

8. AUS employees or students may not load any software onto their workstations or servers that has not been purchased or is not free. Software identified as "shareware" should be examined carefully to ensure there is compliance with any licensing requirements. Under no circumstances will software binaries from unknown or illegal sources be placed on workstations or servers.

9. Under no circumstances will AUS employees or students share account passwords, key combinations, alarm codes, keys, access cards or any other access control mechanism for any University resource or facility with any individual in a manner inconsistent with the policies established by their supervisor. In the absence of such policies, employees must have the explicit permission of their supervisor to share any access mechanism to any department resource.

10. AUS staff or faculty who bring vendors or personal guests into AUS IT facilities must make sure that these guests are escorted at ALL times with care given to protecting AUS equipment, facilities, and information.

11. IT management reserves the right to audit University owned workstations and servers without warning for the purpose of verifying software-licensing compliance.

12. All computer and network access is denied unless expressly granted. Access is generally granted by the IT Department in the form of computer and network accounts to registered students, faculty, staff, and others as appropriate for such purposes as research, education (including self-study), or University administration. University accounts are protected by passwords. Deans and Directors must verify the requirement with their signature on the attached form (Annex A).

13. Accounts are assigned to individuals and are not to be shared unless specifically authorized. You, the user, are solely responsible for all functions performed from accounts assigned to you. Anything done through your account may be recorded. It is a violation of University Policy to allow others to use your account. It is a violation to use another person's account, with or without that person's permission.

14. Your password, used with your account, is the equivalent of your electronic signature. The use of user-id and password authenticates your identity and gives your on-line affirmation the force of a legal document. You should guard your password and account as you would your check book and written signature. It is a violation of this Policy to divulge your password to anyone. It is a violation to attempt to learn the password to another persons account, whether the attempt is successful or not.

15. You may not attempt to disguise your identity, the identity of your account or the machine that you are using. You may not attempt to impersonate another person or organization.

16. You may not attempt to monitor other users' data communications; you may not infringe the privacy of others' computer files; you may not read, copy, change, or delete another user's computer files or software without the prior express permission of the owner.

17. You may not engage in actions that interfere with the use by others of any computers and networks. Such conduct includes, but is not limited to, the placing of unlawful information on the system; the transmitting of data or programs likely to result in the loss of the recipient's work or system downtime; the sending of "chain letters" or "broadcast" messages to lists or individuals; any other use that causes congestion of the networks or interferes with the work of others.

18. You may not engage in actions that threaten or intentionally offend others, such as the use of abusive or obscene language in either public or private messages, or the conveying of threats to individuals or institutions by way of AUS computers and/or networks.

19. You may not attempt to bypass computer or network security mechanisms without the prior express permission of the owner of that computer or network system. Possession of tools that bypass security or probe security, or of files that may be used as input or output for such tools, shall be considered as the equivalent to such an attempt.

20. You may not alter, copy or translate software licensed to another party. You may not make available copyrighted materials without the express permission of the copyright holder. Respect for intellectual labor is vital to the academic discourse. Violations of authorial integrity, plagiarism, invasion of privacy, unauthorized access, and trade secret and copyright violations may be grounds for university sanctions as well as legal prosecution.

To summarize, access to University computing and communications equipment and facilities may be revoked for reasons including, but not limited to:

  • attacking the security of the system,
  • modifying or divulging private information such as file or mail contents of other users without their consent,
  • modifying or destroying University data, or
  • using the networks in a manner contrary to the established guidelines.

Finally, users may not read sensitive information simply because it is accessible to them - because of accidental exposure and/or through the malice of others who have broken into a system or are misusing their access privileges. When sensitive information is recognized as such, it should not be examined further, but reported to the keeper of the materials, if known, or reported to management, if not.

More Information