Question

In: Computer Science

Search the Web for examples of issue-specific security policies. What types of policies can you find?...

  1. Search the Web for examples of issue-specific security policies. What types of policies can you find? Using the format provided in this chapter, draft a simple issue-specific policy that outlines fair and responsible use of computers at your college, based on the rules and regulations of your institution.

     Consider the following Policies at university of Sharjah:

  • Policy Statement
  • User Responsibility
  • General Computer Usage
  • Internet Use
  • Electronic Mail
  • Authorized Access and Usage of Equipment
  • Systems Management
  • Violations of Policy
  • Limitations of Liability

Solutions

Expert Solution

Policies on the Use of Computers

1.0 Overview

The University is committed to free and open inquiry and discussion, fair allocation of University resources, and the provision of a working environment free of needless disruption. To advance these goals, the University has adopted policies on computer usage. Most of these policies follow from existing regulations, agreements, laws, and/or policies.

2.0 Objective / Purpose

This document has two purposes: to prohibit certain unacceptable uses of the University's computers and network facilities, and to educate users about their individual responsibilities.

3.0 Scope

This policy covers all computers owned or administered by any part of The University or connected to the University's communication facilities, including departmental computers and personally owned computers, and also the University's computer network facilities accessed by anyone from anywhere.

4.0 Policy

4.1 No one shall use any University computer or network facility without proper authorization. No one shall assist in, encourage, or conceal from authorities any unauthorized use, or attempt at unauthorized use, of any of the University's computers or network facilities.

4.2 No one shall knowingly endanger the security of any University computer or network facility, nor willfully interfere with others' authorized computer usage.

4.3 No one shall use the University's communication facilities to attempt unauthorized use, nor to interfere with others' legitimate use, of any computer or network facility anywhere.

4.4 No one shall connect any computer to any of the University's networks unless it meets technical and security standards set by the University administration.

4.5 All users shall share computing resources in accordance with policies set for the computers involved, giving priority to more important work and cooperating fully with the other users of the same equipment.

4.6 No one without specific authorization shall use any University computer or network facility for non-University business.

4.7 No one shall give any password for any University computer or network facility to any unauthorized person, nor obtain any other person's password by any unauthorized means whatsoever. No one except the system administrator in charge of a computer is authorized to issue passwords for that computer.

4.8 No one shall misrepresent his or her identity or relationship to the University when obtaining or using University computer or network privileges.

4.9 No one without specific authorization shall read, alter, or delete any other person's computer files or electronic mail. This rule applies regardless of whether the operating system of the computer permits these acts.

4.10 No one shall copy, install, or use any software or data files in violation of applicable copyrights or license agreements, including but not limited to downloading and/or distribution of music, movies, or any other electronic media.

4.11 No one shall create, install, or knowingly distribute a computer virus, "Trojan horse," or other surreptitiously destructive program on any University computer or network facility, regardless of whether any demonstrable harm results.

4.12 No one without proper authorization shall modify or reconfigure any University computer or network facility.

4.13 No one shall store confidential information in computers or transmit confidential information over University networks without protecting the information appropriately.

4.14 Users shall take full responsibility for data that they store in University computers and transmit through network facilities. No one shall use University computers or network facilities to store or transmit data in ways that are prohibited by law or University policy. Users shall not transmit any communications that are harassing or discriminatory as outlined in the University's Non-Discrimination and Anti-Harassment Policy.

4.15 Those who publish web pages or similar information resources on University computers shall take full responsibility for what they publish; shall respect the acceptable use conditions for the computer on which the material resides; shall obey all applicable laws; and shall not publish commercial advertisements without prior authorization. References and links to commercial sites are permitted, but advertisements, and especially paid advertisements, are not. Users shall not accept payments, discounts, free merchandise or services, or any other remuneration in return for placing anything on their web pages or similar information resources.

4.16 Users of University computers shall comply with the regulations and policies of mailing lists, social media sites, and other public forums through which they disseminate messages.

4.17 System administrators shall perform their duties fairly, in cooperation with the user community, the appropriate University administration, University policies, and funding sources. System administrators shall respect the privacy of users as far as possible and shall refer all disciplinary matters and legal matters to appropriate authorities.

4.18 Email and other electronic messaging technologies are intended for communication between individuals and clearly identified groups of interested individuals. No one without prior authorization shall use University facilities to knowingly create or disseminate spam -- unwanted and unsolicited emails or materials, in such a large volume that it may disrupt the proper functioning of the University’s information technology resources or individuals’ ability to use such resources. The University reserves the right to discard incoming mass mailings and spam without notifying the sender or intended recipient.

4.19 For its own protection, the University reserves the right to block communications from sites or systems that are involved in extensive spamming or other disruptive practices, even though this may leave University computer users unable to communicate with those sites or systems.

5.0 Enforcement and Implementation

5.1 Roles and Responsibilities

Each University department/unit is responsible for implementing, reviewing and monitoring internal policies, practices, etc. to assure compliance with the UGA Policies on the Use of Computers.

The Office of Chief Information Officer is responsible for enforcing this policy, and is authorized to create technical and security standards for University computing and network facilities and protection standards for information stored or transmitted by University computing and network facilities.

5.2 Consequences and Sanctions

Violations of these policies may incur the same types of disciplinary measures and consequences as violations of other University policies, including progressive discipline up to and including termination of employment, or, in the cases where students are involved, reporting of a Student Code of Conduct violation. In some cases, violations of this policy may also be violations of state and federal laws, and consequences may include criminal prosecution.

Systems and accounts that are found to be in violation of this policy may be removed from the UGA network, disabled, etc. as appropriate until the systems or accounts can comply with this policy.

6.0 Definitions

University computers and network facilities - all computers owned or administered by any part of The University or connected to the University's communication facilities, including departmental computers, and also all of the University's computer network facilities--not limited to the Athens campus--accessed by anyone from anywhere.

Authorization - permission granted by the appropriate part of the University's governance and/or management structure, depending on the particular computers and/or network facilities involved and the way they are administered.


Related Solutions

17. What is an issue-specific security policy?
17. What is an issue-specific security policy? 18. List the critical areas covered in an issue-specific security policy. 19. What is a systems-specific security policy? 20. When is a systems-specific security policy used?
Use the Web to find an business's antivirus policies. What changes would you recommend to that...
Use the Web to find an business's antivirus policies. What changes would you recommend to that particular organization’s antivirus policy? Your recommendation should be specific and include detailed reasons that support them.
Cyber security Cryptography Homework Part 1: Find good encryption solutions Search the web for various commercial...
Cyber security Cryptography Homework Part 1: Find good encryption solutions Search the web for various commercial encryption algorithms. Find one that you feel may be “snake oil”. Write a report explaining the encryption algorithm and your opinion *in-text citations and references are required *written in at least 2~3 paragraphs
What are the conditions that can cause a public-health issue to become a security issue?
What are the conditions that can cause a public-health issue to become a security issue?
Weekly Assignment images and copyright. you can search the web for... Copyright and the internet Image...
Weekly Assignment images and copyright. you can search the web for... Copyright and the internet Image file types for web pages (To see how to insert images into your html see the panapto recording "inserting images" or search the internet for inserting html images.) Please note you do not have to insert images in this assignment In a properly constructed HTML document answer these questions. In your document head section your title should have your first and last name and...
What are some specific examples of companies that issue common stock? What is the current stock...
What are some specific examples of companies that issue common stock? What is the current stock price? How many shares are outstanding (available to the public)? What is the history of the stock price? Do you think is will increase or decrease over the next year? Please explain. Please be specific and provide proper citation of you research. Also, do not just copy and paste from the website.
Workstation security can be an issue in many organizations. What are some of the things a...
Workstation security can be an issue in many organizations. What are some of the things a health care organization can do to secure a workstation to ensure no PHI is viewed by someone who is not authorized to view it?
Conduct a web search for a news article of a large-scale soils/foundation issue, problem, or failure...
Conduct a web search for a news article of a large-scale soils/foundation issue, problem, or failure problem. Prepare a 3-page document on analysis and interpretation of any soils/foundation related current news article following the format below. 1. Summarize Article in ½ page 2. What Aspect or Topic in EGR 354 is it related to? Be specific. List all that Apply 3. Define Problem Statement and its Causes. Use Technical Language based on lessons from EGR 354. 4. What proposed solutions...
What is an ethical issue? Describe four categories of ethical issues and provide examples of specific...
What is an ethical issue? Describe four categories of ethical issues and provide examples of specific situations that may occur within each category.
a) What’s Countertrade? What are the types of countertrade? Please use examples , if you can....
a) What’s Countertrade? What are the types of countertrade? Please use examples , if you can. b) What are the pros & cons of countertrade?
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT