Policy

Acceptable Use of UQ ICT Resources - Policy

Printer-friendly version
Body

1. Purpose and Objectives

The University of Queensland’s Information, Communications and Technology (ICT) resources are provided to support and enhance the University’s activities.

This policy informs Users of UQ ICT resources of their rights and responsibilities.

This policy also applies to the use of information that may be accessed via ICT resources.

This policy must be read in conjunction with the Procedures for the Acceptable Use of ICT Resources and associated Procedures and Guidelines related to specific ICT-related hardware, software and applications.

While this policy applies to email, additional policy statements specific to email are found in 6.20.06 Email for Staff and Students.

2. Definitions, Terms, Acronyms

Account/UQ Sign-In - access provided by UQ to any ICT resource or any non-UQ ICT resource utilised for UQ purposes

ICT - Information Communication Technology. ICT products and services are defined as all types of technology (data, voice, video etc) and associated resources which relate to the capture, storage, retrieval, transfer, communication or dissemination of information through the use of electronic media.

User - all staff, students, contractors, third parties, clinical and adjunct title holders, affiliates, alumni and all other people who legitimately access UQ’s systems and/or network

Other Entities - External organisations which may provide cloud solutions (e.g. Microsoft), host services such as Wimba and Turnitin, and UQ affiliated and wholly owned organisations

3. Policy Scope/Coverage

This policy applies to all Users of UQ’s ICT resources.

The policy also applies to anyone connecting non-UQ or affiliated (including personally-owned) ICT equipment (e.g. laptops) to UQ’s network.

4. Policy Statement

UQ sets policy on the acceptable use of UQ ICT resources in respect of provision of resources, access to resources, responsible, ethical equitable and legal use of resources, security and privacy, compliance and breaches and responsibilities. Policy details on each of these aspects are outlined in sections 5-10 below.

5. Provision of ICT Resources

ICT Resources encompass infrastructure, equipment, software, and facilities including technologies such as computers, smart phones, the Internet, broadcasting technologies (radio and television), and telephony. ICT resources include:

  • All networks, hardware, software and communication services and devices which are owned, leased or used under licence by UQ including UQ’s academic and administrative systems;
  • Computing facilities and information resources maintained by Other Entities , but available for use through an agreement or agreements with UQ; and
  • Staff and student web pages hosted on UQ ICT Resources.

UQ recognises the importance of ICT and provides access to Users for University and other authorised purposes according to need and available resources. Usage is subject to the conditions set out in this policy and associated procedures.

Access to ICT resources through the University network is a cost to the University and is not provided to Users unconditionally.

UQ does not permit its ICT resources to be used for unauthorised activities.

UQ cooperates with network providers, legal authorities of the State and Commonwealth, and the international community to provide a reliable and trustworthy service.

Whilst UQ respects the privacy of Users of ICT Resources, UQ reserves the right to monitor User activity and take appropriate action if misuse of resources is identified. Monitoring for misuse of UQ ICT Resources must be authorised by the Director, ITS.

5.1 Software

UQ requires that Users and Organisational Units use and install software in compliance with licence terms and conditions.

It is a criminal offence if an individual makes an infringing copy of software with the intention of obtaining a commercial advantage or profit and if the individual knows or ought reasonably to know that the copy is infringing copyright.

Installation of privately purchased and owned software on University systems is not advised. If this is necessary, the owner must contact either their local Software Licensing Point of Contact or ITS Software Licensing to have the software registered and to check the installation is allowed under the license terms. Proof of purchase is required, consisting of the license certificate and original media, and the invoice if it is available.

5.2 Computing resources for students

UQ will continue to provide on-campus computer facilities in line with equity principles and legislative requirements.

UQ organisational units and affiliates must ensure that adequate on-campus ICT facilities are provided for learning requirements.

5.3 Information management

Users must take appropriate steps to ensure the security, confidentiality, and integrity of all UQ related information stored or received, including measures to prevent loss of information. Please refer to the ‘ICT Security Management Policy’ for further detail.

5.4 Records management

It is the responsibility of staff and RHD students to submit to the relevant records storage system any information that is (or is reasonably likely to be at that time) a university record or part of a university record as outlined in 1.60.4 Records Management.

5.5 Cloud Computing

It is the responsibility of administration system owners to follow the Qld Government Cloud Computing Guideline when implementing a cloud computing solution for administration systems. Within the Qld Government Cloud Guideline, there is reference to the Department of Defence Cloud Computing Security Considerations. Administration system owners should consider the checklist in this document when conducting an analysis of a cloud computing solution.

A decision tree is presented on the ITS Website to facilitate the decision making process of a cloud deployment model.

6. Access

UQ account and email address is provided for access to UQ ICT Resources.

Access to the Internet must be via an authorised account associated with the User or to the corresponding UQ authorised and registered application. Conditions apply for Users who are under 18 as outlined in the associated procedure.

Users must protect the security and integrity of their access e.g. account, password and equipment on which this is saved.

UQ reserves the right to remove or limit access to ICT resources, and to remove or limit access to material and resources stored on University-owned computers or other resources. Changes to access must be directed to the Director of Information Technology Services.

Access to all resources utilising central UQ Sign-in (e.g. finance, HR, student) will be subsequently terminated when Users cease association with UQ (e.g. when a staff member is no longer employed, or when a student is no longer enrolled).

7. Responsible, Ethical, Equitable and Legal Use of ICT Resources

UQ requires all Users of its ICT resources to do so in a responsible, ethical, equitable and legal manner and in accordance with the UQ Code of Conduct (PPL 1.50.01 Code of Conduct).

Guidance on acceptable use is outlined in the associated guidelines.

The University understands that research and teaching and learning purposes may require exceptions to the given examples.

7.1 Legal and policy framework

Users of University ICT resources must be aware that use of these resources is subject to the full range of Australian laws as well as any other relevant University policies and statutes. This includes (but is not limited to) areas such as copyright, breach of confidence, defamation, privacy, contempt of court, bullying and cyber-bullying, harassment, vilification, anti-discrimination, wilful damage and computer hacking.

Users should be aware that access to some third party applications and content has separate contractual arrangements and terms and conditions which may apply over and above this policy.

7.2 Publishing

UQ Web publishing guidelines apply to all material published using UQ resources.

Carrying of advertising or commercial logos on UQ web pages requires prior permission from the Head of the Organisational Unit.

7.3 Limited personal use

The use by UQ Staff of ICT resources for personal purposes is not generally permitted unless such use is kept to a minimum. Limited Personal Use is defined in the associated procedure.

8. Security and Privacy

Access to information through ICT Resources will only be provided if there is a legitimate need.

Users should be aware that legal or other requirements may necessitate access, retention, inspection and release of electronic files and communications (including email) held on or transferred through the University’s systems (including after termination) unless otherwise stipulated by PPL 4.10.13 Intellectual Property for Staff, Students and Visitors. This includes authorised monitoring of User activity when investigating possible misuse and may include any personal information held on UQ ICT Resources.

Users who have authorised access to private information about staff or students, or confidential information of the University must respect the privacy of others and maintain the confidentiality of the information to which they have access in accordance with privacy laws and any UQ policies.

9. Compliance and Breaches

9.1 Notifying and handling of breaches

Users who become aware of possible breaches of this policy must report it to either:

  • their supervisor or manager;
  • their Organisational Unit Head; or
  • the Director, Information Technology Services.

The Director, ITS is responsible in the first instance for handling potential breaches for Users other than students or staff. This could result in revocation of access.

Formal disciplinary action for students will occur in accordance with 3.60.04 Student Integrity and Misconduct.

Formal disciplinary action for staff will occur in accordance with the Misconduct/Serious Misconduct clauses as outlined in the Enterprise Agreement.

UQ may refer serious matters or repeated breaches to the Chief Operating Officer, Director of Human Resources Division, the Head of the relevant Organisational Unit or to the appropriate external authorities which may result in civil or criminal proceedings.

UQ has a statutory obligation to report illegal activities and corrupt conduct to appropriate authorities.

9.2 Penalties associated with breaches

Penalties for misuse of ICT resources may range from loss or restriction of access to accounts, to formal disciplinary action or in some more serious instances criminal or civil proceedings. This could include financial penalties.

10. Responsibilities

Heads of OUs are responsible for compliance with and communication of UQ ICT policies.

The Director of ITS has the responsibility for coordinating the implementation of this policy and its associated documents.

Custodians
Chief Information Officer
Mr Rob Moffatt

Procedures

Acceptable Use of UQ ICT Resources - Procedures

Printer-friendly version
Body

1. Purpose and Objectives

This procedure details the specific actions and process that must be followed to implement the Acceptable Use of UQ ICT Resources Policy. The procedure outlines the responsibilities of all users of UQ ICT Resources.

2. Definitions, Terms, Acronyms

Account/UQ Sign-In - access provided by UQ to any ICT resource or any non-UQ ICT resource utilised for UQ purposes

ICT - Information Communication Technology. ICT products and services are defined as all types of technology (data, voice, video etc) and associated resources which relate to the capture, storage, retrieval, transfer, communication or dissemination of information through the use of electronic media.

User - all staff, students, contractors, third parties, clinical and adjunct title holders, affiliates, alumni and all other people who legitimately access UQ’s systems and/or network

Other Entities - External organisations which may provide cloud solutions (e.g. Microsoft), host services such as Wimba and Turnitin, and UQ affiliated and wholly owned organisations

3. Procedures Scope/Coverage

This is a University-wide procedure which applies to all users of University ICT resources – including (but not limited to) staff, students, contractors, third parties, associates and honoraries, alumni, conjoint appointments and visitors to the University.

The procedure also applies to anyone connecting personally-owned equipment (e.g. laptops) to the University network.

4. Procedures Statement

This procedure provides additional detail on the acceptable use of UQ ICT resources in respect of authorised access, exceptions to acceptable use requirements, limited personal use, access to computers for teaching and learning, electronic mail, and personal home pages. Details on each of these aspects are outlined in sections 5 – 10 below.

5. Authorised Access

5.1 Access by minors

To apply for internet access for individuals under 18 years of age, complete an application for Internet Access Permission for Under 18s and follow the directions on the form.

5.2 Security and integrity of access

Users must keep their passwords confidential and must not share them with anyone else, or reveal them to anyone else.

Accounts (including internet accounts) must not be transferred or in any other way made available for the use of a person other than the account holder.

You must not use your UQ Sign-in, including password or username, for systems external to UQ unless it is for authorised UQ purposes.

If an account holder knows or suspects their account has been used by another person, or suspects their password has been revealed (including lost or stolen passworded ICT equipment), the account holder must immediately change their password.

Staff are required to change their password at least once every 12 months.

5.3 Removing access when staff cease employment

Access will cease 14 days after the staff member is terminated in the HR system.

Supervisors must make arrangements to terminate access to other systems not utilising central UQ Sign-in.

6. Exceptions to Acceptable Use Requirements

In instances where exceptions are required for legitimate research or teaching and learning purposes, approval is required from the Head of the requesting organisational unit confirming legitimacy and notification is to be given to the Director, ITS, who will maintain a register of approved exceptions.

7. Limited Personal Use

Limited personal use is defined as:

• incurs minimal additional expense to the University

• is infrequent and brief

• does not interfere with the operations of the University

• does not violate any University policy or related State/Federal legislation and regulation. (State Government Information Standard 38: Use of Communication and Information Devices).

8. Access to Computers for Teaching and Learning

8.1 As a base level expectation, the University expects its students to have private access to:

  • a computer with an optical drive that supports basic Windows-style or Mac-style platforms, including word-processor and spreadsheet programs, and anti-virus software;
  • the UQNet and the internet; and
  • UQ email.

Students are responsible for installing the latest system updates on their private computer and the anti-virus software is kept up-to-date.

8.2 In addition, where computer access is integral to the pre-determined learning outcomes of a program, the faculty includes in prospective student information an expectation that students will have private access to:

  • specific hardware configurations (such as memory capacity);
  • portable computers; and/or
  • software packages.

8.3 In observing the policy, the University will:

  • inform students in a timely fashion of its expectations
  • regulate the additional expectations that can be made by faculties;
  • continue to provide computing facilities on-campus; and
  • pursue discount arrangements with third parties on behalf of students.

8.4 Faculty responsibilities

In determining any additional expectations of private access to computers by students, faculties are required to:

  • identify additional expectations on a program by program basis;
  • justify the expectations in terms of program goals and objectives;
  • inform students of requirements for specific hardware components and software packages;
  • assume responsibility for on-campus infrastructure required to support additional private access expectations of the relevant faculty; and
  • assume responsibility for some on-campus facilities (as set out under 8.5 below).

8.5 On-campus ICT facilities

While the University expects a certain level of private access to computers (see 8.1, 8.2 and 8.3 above), the University accepts that it has a general responsibility to provide support services to students in the area of information technology if satisfactory learning outcomes are to be achieved. Accordingly -

(i) The University will:

(a) provide access to, and maintain on-campus facilities to meet the general academic computing needs of students;

(b) fund the establishment and maintenance of a Student Help Desk to support students in their use of IT for University work;

(c) provide short courses at no charge to students on basic computer literacy relevant to the general use of computers and networks within the University, subject to demand;

(d) provide, maintain and upgrade on-campus IT infrastructure and services that afford efficient off-campus access to UQNet and that assist students with their general off-campus computing needs.

(ii) Faculties will:

(a) provide and maintain limited numbers of additional on-campus facilities to meet the general academic and faculty-specific computing (including software) needs of students and arrange for access to those facilities outside of normal working hours (if required);

(b) provide students with any course-specific IT training required;

(c) support students in course-specific use of IT; and

(d) take responsibility for ensuring the provision of adequate facilities for postgraduate research students.

(iii) No ancillary fee charges outside of the DEEWR guidelines will be made for approved on-campus use of IT facilities required for the delivery of course material or access to the University Library.

9. Electronic Mail

Refer to associated procedures Email for Staff and Students and Sending Bulk Messages.

10. Personal Home Pages

Home pages of staff and postgraduate students must be linked to their related UQ organisational unit and can be accessed by external internet users. An authorised disclaimer will appear before access is given to such pages The administrators of official University home pages have a responsibility to ensure personal home pages linked to the home pages they administer do not lower the image of the University as an institution dedicated to the achievement of excellence within liberal traditions of scholarship and independent thought.

Custodians
Chief Information Officer
Mr Rob Moffatt

Guidelines

Acceptable Use of UQ ICT Resources - Guidelines

Printer-friendly version
Body

1. Purpose and Objectives

This guideline details the specific actions and process that must be followed to implement the Acceptable Use of UQ ICT Resources Policy. The guideline outlines the responsibilities of all users of UQ ICT Resources.

2. Definitions, Terms, Acronyms

Account/UQ Sign-In - access provided by UQ to any ICT resource or any non-UQ ICT resource utilised for UQ purposes

ICT - Information Communication Technology.  ICT products and services are defined as all types of technology (data, voice, video etc) and associated resources which relate to the capture, storage, retrieval, transfer, communication or dissemination of information through the use of electronic media.

User - all staff, students, contractors, third parties, clinical and adjunct title holders, affiliates, alumni and all other people who legitimately access UQ’s systems and/or network

Other Entities - External organisations which may provide cloud solutions (e.g. Microsoft), host services such as Wimba and Turnitin, and UQ affiliated and wholly owned organisations

3. Guidelines Scope/Coverage

This is a University-wide guideline which applies to all users of University ICT resources – including (but not limited to) staff, students, contractors, third parties, associates and honoraries, alumni, conjoint appointments and visitors to the University.

The guideline also applies to anyone connecting personally-owned equipment (e.g. laptops) to the University network.

4. Guidelines Statement

This guideline provides additional detail on acceptable use of UQ ICT resources  in respect of access by minors, publishing, network sharing, personal home pages and personal internet use. Details on each of these aspects are outlined in sections 5 – 10 below.

5. Access by Minors

Legislation by the Federal Government restricts Internet services for individuals under the age of 18.

This legislation prohibits UQ from giving full Internet access to individuals under the age of 18 without written permission by a parent or guardian. Details of this legislation are available at the Australian Communications and Media Authority (ACMA) website.

For information on how to supervise use of the Internet and how to protect people from offensive material on the Internet, please consult UQconnect's Content filtering information, or consult the Parents section of the ACMA website.

6. Acceptable Use of ICT Resources

Acceptable use can most easily be illustrated by examples of unacceptable use. The following areas outline what may be considered inappropriate use of ICT resources. In instances where such use is required for legitimate research or teaching purposes, an exception may be approved

  • Destruction and Damage to IT resources: Destruction of, or damage to equipment, software, or data belonging to the University of Queensland or other clients.
  • Unauthorised Access/Hacking: Attempts to gain unauthorised access to computer systems or networks.
  • Unauthorised Monitoring: Unauthorised monitoring of electronic communications. (Authorisation for monitoring is required from the Director, ITS for security purposes.)
  • Offensive and Inappropriate Material: Knowingly downloading, storing, distributing and viewing of offensive, obscene, indecent, pornographic, or menacing material. This could include, but not limited to pornography, hate sites, gratuitous violence and sites using frequent and highlighted bad language.
  • Unauthorised Copyright Material including Software: Unauthorised Acquisition, reproduction, distribution and use of copyrighted material is illegal without written permission of the owner. Software may not be used or downloaded unless appropriate licensing conditions are met.
  • Music/Movies Downloading and storage of material such as music/movie clips requires use of considerable UQ resources and as such is unacceptable unless required for University purposes and within copyright. Broadcasting or creating fileshares for such material is also unacceptable unless it is for University Purposes.
  • Peer to Peer File Sharing: Use of Peer to Peer (P2P) files sharing software can be a significant security threat to the University as well as posing a threat to network bandwidth and download misuse and legal liability. P2P is not permitted to be used on any UQ facilities unless it has been approved by the Head of an organisational unit as legitimate use and notification has been given to the Director, ITS, who maintains a register of approved systems. Examples of these applications are given on wikipedia.
  • Gambling: The accessing of gambling internet sites is unacceptable.
  • Games: Playing of games is not permitted by staff within work hours. Students should also not use UQ resources for playing games unless it is a legitimate requirement of their studies. Games can require a large amount of internal storage and potentially long play periods breaching the UQ minimal use standard. The loading of such software also potentially has software licensing and security concerns.
  • Inappropriate Screen Savers/Wallpapers: Screen Savers and wallpapers that could be considered of an offensive nature are inappropriate in a work environment.
  • Unlicensed Software: Software may be downloaded for University purposes. All licensing conditions however must be adhered to with regard to its evaluation and subsequent use
  • SPAM: Mass emailing across UQNet and the internet (SPAM) is not permitted except as defined by 6.20.6 Email for Staff and Students and by 4.10.13 Intellectual Property for Staff, Students and Visitors Policy. The Federal SPAM act 2003 imposes harsh fines for unsolicited commercial electronic messages.
  • Inappropriate Emails: When sending any emails the university policy with respect to gender, race, sexual harassment, bullying and language use applies. Emails and stored information are subject to the Freedom of Information Act (FOI).
  • Unauthorised Private Business: UQ facilities should not be used for private business use unless written permission has been received from the Head of the Organisational Unit.

7. Publishing

A feature of Internet publishing is the ability to maintain the currency of information. Information published on ICT resources should be regularly reviewed for currency and amended as necessary. Users are encouraged to record a currency date for each source document to identify the latest date the source document was amended.

Users are encouraged to use hypertext links and other Internet features to maximise the value of publishing through this medium. To avoid duplication, every effort should be made to link to the original source of information rather than reproduce information already available on ICT resources.

8. Network Sharing

Users must be mindful that the University network and ICT resources are shared, limited resources and that they have responsibilities to other users.

9. Electronic Mail

Refer to associated Guidelines Email for Staff and Students and Sending Bulk Messages.

10. Personal Internet Use

The reasons for limiting personal use are that each and every use of such resources incurs a “cost” to the University and any use which is not a University purpose represents a potential misuse of University resources. Individual personal use may result in relatively small costs being incurred. Continued use or collective use across the University however, may incur many thousands of dollars of costs to the University per annum; money that would be better spent enhancing the level of services currently provided.

Custodians
Chief Information Officer
Mr Rob Moffatt

Forms

Printer-friendly version
No forms in this topic.
Custodians
Chief Information Officer
Mr Rob Moffatt
Custodians
Chief Information Officer
Mr Rob Moffatt