University IT Policy

1. Introduction

The University is committed to providing a secure, efficient, and accessible information technology (IT)
environment to support its academic, research, and administrative functions. This IT policy outlines the
guidelines and expectations for the responsible use of university IT resources by faculty, staff, students,
and other authorized users.

2. Acceptable Use

2.1. University IT resources, including but not limited to computers, networks, email, and internet
access, shall be used for legitimate academic, research, and administrative purposes consistent with the
university's mission.

2.2. Users must not engage in activities that compromise the security or integrity of university IT
resources, including unauthorized access, distribution of malware, or attempts to bypass security
controls.

2.3. Use of university IT resources for commercial purposes or personal gain is strictly prohibited unless
authorized by appropriate university authorities.

3. Security

3.1. Users are responsible for safeguarding their accounts, passwords, and access credentials. Sharing of
accounts or passwords is prohibited.

3.2. All university-owned devices must have up-to-date security software, including antivirus and firewall
protection. Users must promptly install security updates and patches.
3.3. Users shall not attempt to circumvent security measures or exploit vulnerabilities in university IT
systems.

3.4. In the event of a suspected security breach or incident, users must report it to the appropriate
university IT support personnel immediately.

4. Data Management and Privacy

4.1. Users shall adhere to university policies and legal requirements regarding the collection, storage,
and handling of sensitive data, including personally identifiable information (PII) and research data.

4.2. Unauthorized access, disclosure, or misuse of university data is strictly prohibited.

4.3. Users must comply with data retention and disposal policies to ensure the secure management of
university information.

5. Network Usage

5.1. Users shall use university network resources responsibly and refrain from activities that may
degrade network performance or disrupt services for others.

5.2. Copyright infringement, including illegal downloading or sharing of copyrighted materials, is

prohibited.

5.3. Users must not engage in activities that violate the terms of service of internet service providers or
other network providers.
6. Email and Communication

6.1. University email accounts and communication platforms shall be used for official university
communications and academic purposes.

6.2. Users must not engage in spamming, phishing, or other fraudulent activities using university email
accounts.

6.3. Users must comply with email retention and encryption policies for sensitive communications.

7. Software and Hardware Usage

7.1. Only authorized software and hardware may be installed on university-owned devices.

7.2. Users must comply with software licensing agreements and refrain from unauthorized copying or
distribution of software.

7.3. Proper procedures must be followed for the disposal and recycling of university-owned hardware.

8. Bring Your Own Device (BYOD)

8.1. Users who connect personal devices to university resources must comply with university security
policies, including the installation of security software and adherence to network access controls.

8.2. Users are responsible for ensuring the security of their personal devices and reporting any loss or
theft to university IT support personnel.
9. User Responsibilities and Training

9.1. Users are responsible for familiarizing themselves with and adhering to university IT policies and
procedures.

9.2. The university will provide training and educational resources to promote IT security awareness
among faculty, staff, and students.

10. Policy Enforcement and Review

10.1. Violations of this IT policy may result in disciplinary action, up to and including suspension of IT
privileges, termination of employment, or legal action, as appropriate.

10.2. This IT policy shall be reviewed and updated periodically to address emerging threats, technology
advancements, and changes in regulatory requirements.

11. Acknowledgment and Agreement

By using university IT resources, users acknowledge their understanding of and agreement to comply
with this IT policy.

This sample IT policy provides a framework for governing the use of IT resources within a university
environment. It addresses key areas such as acceptable use, security, data management, network usage,
and user responsibilities, while emphasizing the importance of compliance and accountability.