These policies apply to the use of computers and networks at American University of Sharjah, and of computers and networks elsewhere if you use American University of Sharjah resources to gain access to those computers or networks. Below are some of our IT polices. You can find a more comprehensive list of IT policies and procedures here (login required.)
The American University of Sharjah (AUS) IT Department’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to AUS’s established culture of openness, trust and integrity. The IT Department is committed to protecting AUS's students, faculty, staff, partners and the university from illegal or damaging actions by individuals, either knowingly or unknowingly.
Internet/Intranet/Extranet-related systems, including but not limited to computer equipment, software, operating systems, storage media, network accounts providing electronic mail, WWW browsing, and FTP, are the property of AUS. These systems are to be used for academic and business purposes in serving the interests of the university, and of our students, faculty and staff in the course of normal operations. Please review the Human Resources Policy Manual and the Student Code of Conduct for further details.
Effective security is a team effort involving the participation and support of every AUS student, faculty, staff and affiliate who deals with information and/or information systems. It is the responsibility of every computer user to know these rules and guidelines, and to conduct their activities accordingly.
The purpose of this policy is to outline the acceptable use of computer equipment at AUS. These rules are in place to protect the students, faculty and staff and AUS. Inappropriate use exposes AUS to risks including virus attacks, compromise of network systems and services, and legal issues.
This policy applies to the use of information, electronic and computing devices, and network resources to conduct AUS business or interact with internal networks and business systems, whether owned or leased by AUS, the employee or a third party.
This policy applies to students, faculty and staff, contractors, consultants, temporaries, and other workers at AUS, including all personnel affiliated with third parties. This policy applies to all equipment that is owned or leased by AUS.
The use of AUS resources outlined in the scope of this policy is subject to university policies and procedures, and local and federal laws and regulations. All users of these resources must comply with specific policies and guidelines governing their use. All users must only use these resources in a manner consistent with university policy and the law, including this policy and related procedure, and specialized policies created by specific departments, programs and offices of the university.
The Information Technology Department (IT) is neither an investigative nor a disciplinary entity in its primary responsibilities. However, in cases where university resources and privileges are abused or otherwise threatened, the department may be asked to take appropriate steps. Immediate revocation of access and subsequent prosecution by the authorities, for example, might be directed. Such revocation may be appealed to the IT Steering Committee.
Another example would be to both discipline and hold accountable an individual who damages IT resources. Improper access or modification of AUS information in a computer system may also bring a stiff penalty.
Prohibited acts include but are not limited to the following:
1. Intentional denial of computing service to other users.
2. Exploitation of insecure accounts or resources.
3. Attempting to guess, crack or otherwise determine another user's password.
4. Interception of network transmissions with hardware or software "sniffers."
5. Forging of electronic mail or electronic news or otherwise misrepresent themselves or other individuals in any electronic communication.
6. System administrators are not to use their access to examine the private information of other users except in the course of resolving problems and where access to such information is necessary. In these cases, IT staff are required to seek permission and oversight.
7. IT staff may not transfer resources (hardware, software, documentation, etc.) from designated locations without the explicit permission of their supervisor. The Supply Chain Department shall be notified of the movement and shall update the employee's inventory record accordingly.
8. AUS employees or students may not load any software onto their workstations or servers that has not been purchased or is not free. Software identified as "shareware" should be examined carefully to ensure there is compliance with any licensing requirements. Under no circumstances will software binaries from unknown or illegal sources be placed on workstations or servers.
9. Under no circumstances will AUS employees or students share account passwords, key combinations, alarm codes, keys, access cards or any other access control mechanism for any university resource or facility with any individual in a manner inconsistent with the policies established by their supervisor. In the absence of such policies, employees must have the explicit permission of their supervisor to share any access mechanism to any department resource.
10. AUS staff or faculty who bring vendors or personal guests into AUS IT facilities must make sure that these guests are escorted at ALL times with care given to protecting AUS equipment, facilities and information.
11. IT management reserves the right to audit university-owned workstations and servers without warning for the purpose of verifying software-licensing compliance.
12. All computer and network access is denied unless expressly granted. Access is generally granted by the IT Department in the form of computer and network accounts to registered students, faculty, staff and others as appropriate for such purposes as research, education (including self-study), or university administration. University accounts are protected by passwords.
13. Accounts are assigned to individuals and are not to be shared unless specifically authorized. You, the user, are solely responsible for all functions performed from accounts assigned to you. Anything done through your account may be recorded. It is a violation of university policy to allow others to use your account. It is a violation to use another person's account, with or without that person's permission.
14. Your password, used with your account, is the equivalent of your electronic signature. The use of user ID and password authenticates your identity and gives your online affirmation the force of a legal document. You should guard your password and account as you would your checkbook and written signature. It is a violation of this policy to divulge your password to anyone. It is a violation to attempt to learn the password to another person’s account, whether the attempt is successful or not. Be sure that you check the Password Policy for further details on how to choose a strong password and keep it protected.
15. You may not attempt to disguise your identity, the identity of your account or the machine that you are using. You may not attempt to impersonate another person or organization.
16. You may not attempt to monitor other users' data communications; you may not infringe the privacy of others' computer files; you may not read, copy, change or delete another user's computer files or software without the prior express permission of the owner.
17. You may not engage in actions that interfere with the use by others of any computers and networks. Such conduct includes, but is not limited to, the placing of unlawful information on the system; the transmitting of data or programs likely to result in the loss of the recipient's work or system downtime; the sending of "chain letters" or "broadcast" messages to lists or individuals; any other use that causes congestion of the networks or interferes with the work of others.
18. You may not engage in actions that threaten or intentionally offend others, such as the use of abusive or obscene language in either public or private messages, or the conveying of threats to individuals or institutions by way of AUS computers and/or networks.
19. You may not attempt to bypass computer or network security mechanisms without the prior express permission of the owner of that computer or network system. Possession of tools that bypass security or probe security, or of files that may be used as input or output for such tools, shall be considered as the equivalent to such an attempt.
20. You may not alter, copy or translate software licensed to another party. You may not make available copyrighted materials without the express permission of the copyright holder. Respect for intellectual labor is vital to the academic discourse. Violations of authorial integrity, plagiarism, invasion of privacy, unauthorized access, and trade secret and copyright violations may be grounds for university sanctions as well as legal prosecution.
To summarize, access to university computing and communications equipment and facilities may be revoked for reasons including, but not limited to:
Finally, users may not read sensitive information simply because it is accessible to them—because of accidental exposure and/or through the malice of others who have broken into a system or are misusing their access privileges. When sensitive information is recognized as such, it should not be examined further, but reported to the keeper of the materials, if known, or reported to management, if not.