STCC Authorized Computer Usage Policy

Summary of Usage Policy

Comply with Intended Use of the System

It is important that you understand the purpose of the systems and network so that your use of these resources is in compliance with that purpose.  Don’t violate the intended use of the systems and network at STCC. The purpose of these facilities is to support research, education, and STCC administrative activities, by providing access to computing resources and the opportunity for collaborative work. All
use of the STCC network must be consistent with this purpose.

For example:

  • Don’t try to interfere with or alter the integrity of the system at large, by doing any of the following:
  • permitting another individual to use your account.
  • impersonating other individuals in communication (particularly via
    forged email, talk, news, etc.).
  • attempting to capture or crack passwords or encrypted information.
  • destroying or altering data or programs belonging to other users.
  • Don’t try to restrict or deny access to the system by legitimate
    users. e.g.
  • don’t try to crash systems or networks, either at STCC or off campus.
  • don’t attempt to make a computer impersonate other systems.
  • don’t consume unneeded resources; to include network bandwidth,
    compute time, disk, or processes. The web has traffic limitations; a site without an
    academic mission should not consume extensive resources.
  • don’t use the facilities for private financial gain.
  • don’t transmit threatening or harassing materials.

Top

Assure Ethical Use of the System

Along with the many opportunities that the computer systems and networks provide for members of the STCC community to share information comes the responsibility to use the system in accordance with STCC standards of honesty and personal conduct. Those standards call for all members of the community to act in a responsible, professional way.

Appropriate use of the resources includes maintaining the security of the system, protecting privacy, and conforming to applicable laws, particularly copyright and harassment laws.

Top

Don’t let anyone know your password(s).

While you should feel free to let others know your username (this is the name by which you are known to the whole Internet user community), you should never ever let anyone know your account passwords. This includes even trusted friends, and
computer system administrators (e.g. the cs system admins). You will note that you
specify a one-time password and your choice of login name to the operator to gain Linux system access. When you first use that password to login you must specify a personal password. This assures you that you are not sharing knowledge of your password with a staff member. We have taken this step so that your password is private to you; please maintain that secrecy.

Giving someone else your password is like giving them a signed blank check, or your charge card. You should never do this, even to “lend” your account to them temporarily. Anyone who has your password can use your account, and whatever they do that affects the system will be traced back to your username — if your
username or account is used in an abusive or otherwise inappropriate manner, you can be held responsible. Much of the software on the STCC computer systems are licensed only for current students, staff, and faculty; use of the computers by others violates that contract.

In fact, there is never any reason to tell anyone your password: every STCC student, faculty member, or on-campus staff person who wants an account of his or her own can have one. If your goal is permitting other users to read or write some of your files, there are always ways of doing this without giving away your password.

For information about how to manage the security of your account,
including advice on how to choose a good password, how to change passwords, and how to
share information without giving away your password, see the on-line documentation or email to silvestri@stcc.edu.

Top

Don’t violate the privacy of other users.

The Electronic Communications Privacy Act (18 USC 2510 et seq., as amended) and other federal laws protect the privacy of users of wire and electronic communications.

The computer and network facilities of STCC facilitate information sharing. Security mechanisms for protecting information from unintended access, from within the system or from the outside, are minimal. These mechanisms, by themselves, are
not sufficient for a large community in which protection of individual privacy is as
important as sharing. Therefore, you must supplement the system’s security
mechanisms by using the system in a manner that preserves the privacy of themselves and others.

All users should make sure that their actions don’t violate the privacy of other users, if even unintentionally.

Some specific areas to watch for include the following:

  • Don’t try to access the files or directories of another user without clear authorization from that user. Typically, this authorization is signaled by the other
    user’s setting file access permissions to allow public or group reading of the files. If
    you are in doubt, ask the user.
  • Don’t try to intercept or otherwise monitor any network communications not explicitly intended for you. These include logins, e-mail, user-to-
    user dialog, and any other network traffic not explicitly intended for you. Unless
    you understand how to protect private information on a computer system, don’t use the system to store personal information about individuals which they would not normally disseminate freely about themselves.
  • Don’t create any shared programs that secretly collect information about their users. Software on the STCC computer systems and network is subject to the
    same guidelines for protecting privacy as any other information-gathering project at the achool. This means, for example, that you may not collect information about
    individual users without their consent.
  • Don’t remotely log into (or otherwise use) any workstation or computer not designated explicitly for public logins over the network — even if the configuration of the computer permits remote access — unless you have explicit permission
    from the owner and the current user of that computer to log into that machine.

Top

Don’t copy or misuse copyrighted or licensed material.

Copyright

Copyright is a form of protection provided by the laws of the United States (title 17, U.S. Code) to the authors of original works of authorship including literary, dramatic, musical, artistic, and certain other intellectual works. This protection is available to both published and unpublished works.

You should assume materials you find on the Internet are copyrighted unless a disclaimer or waiver is expressly stated. Note that there does not have to be a
statement that the material is copyrighted for it to be copyrighted; any original work created in recent years is automatically copyrighted according to U.S. law. The copyright holder has extensive rights. You must contact the copyright holder and ask permission to display the material.

If you do not abide by these legal and contractual restrictions, you may be subject to civil or criminal prosecution.

Although this is not an exhaustive list, you are likely to violate copyright by:

  • displaying pictures or graphics you have not created.
  • offering sound recordings you have not recorded yourself. Even if you have recorded them, you must have permission from the copyright holder.
  • placing any materials owned by others, i.e. copyrighted works, on your Web page, or for other display, without the expressed permission of the copyright owner. (Examples: cartoons, articles, photographs, songs, sound bites, software, graphics
    scanned in from published works or other web pages). Placing copyright attribution on the displayed material is not sufficient to enable its display; you must contact that copyright owner to be assured that the display is acceptable. Do this before
    display is attempted.
Fair Use

Educational institutions enjoy special exemptions from copyright protection, called Fair Use, whereby reasonable portions of copyrighted material may be distributed by instructors to students in a class. If copyrighted materials are to be placed on the web for a course, the materials must be restricted to the course. We offer assistance to accomplish this end. All class materials do not have to be protected in this way, but if the instructor places the information which is copyright protected in its own directory in the web and then uses a web page we designed to restrict logins to a
class it will be acceptably protected. The fair use code is simple, but for further
information, please see the Stanford University Copyright and Fair Use World Wide Web site.

Licenses

The programs offered for use on the campus computers typically have licenses which restrict use to the computer where they are installed and for educational
purposes. The software is usually copyrighted, too. Although this is not an exhaustive list, you are likely to violate license and/or copyright by:

  • reselling or giving away licensed programs or data
  • using educational-licensed programs or data for non-educational purposes
  • using programs or data for financial gain
  • using programs or data without being among the individuals or groups licensed to do so

Top

Don’t use the systems or network to harass anyone in any way.

Harassment is defined as any conduct, verbal or physical, on or off campus, which has the intent or effect of unreasonably interfering with an individual’s or group’s educational or work performance at STCC or which creates an intimidating, hostile
or offensive educational, work or living environment. Harassment on the basis
of race, color, gender, disability, religion, national origin, sexual orientation, or age
includes harassment of an individual in terms of a stereotyped group characteristic, or because of that person’s identification with a particular group.

STCC’s harassment policy extends to the networked world. For example, sending email or other electronic messages which unreasonably interfere with anyone’s education or work at STCC or any other institution, using STCC as a base, may
constitute harassment and is in violation of the intended use of the system. Do not print or display material that may be considered offensive unless you have an academic reason. This includes pornography, both pictures and written material.

Any member of the STCC community who feels harassed is encouraged to seek assistance and resolution of the complaint. To report incidents of on-line harassment, send email to silvestri@stcc.edu.

Top

Assuring Proper Use of the System

STCC’s computer and network resources are powerful tools that can be easily misused. Your use of the system should be consistent with the intended uses of
these resources. In particular, you should not overload the systems or otherwise abuse the network.

Top

Don’t abuse your electronic mail (email), web, or other communications privileges.

Electronic mail is a fast, convenient form of communication. It is easy to send electronic mail to multiple recipients, and you can even send a message to many recipients simply by specifying a single list name (i.e., by using a mailing list).
However, this ability to send messages to many people makes it easy to misuse the system. The general rule is: use email to communicate with other specific users, not to broadcast announcements to the user community at large.

For example, while it is appropriate to use email to have an interactive discussion with a set of people (even 20 or more users) or to use email to send a single copy of an announcement to some “bulletin board” facility with a wide readership (e.g. Network News, or an event), it is not appropriate to use email as a way to broadcast information directly to a very large number of people (e.g., an entire STCC class). This is true whether you include the recipient usernames individually or by using a mailing list: under no circumstance should you use the email system to get a general announcement out to some large subset of the STCC community.

These guidelines are not based on etiquette alone: the mail system simply does not have the capacity to process a very large number of email messages at once. When a user sends out an announcement to a huge list of recipients, the mail servers get overloaded, disks fill up, and staff intervention is required. The overall result is a negative impact on the quality of service provided for all users.

Finally, the proliferation of electronic chain letters is especially abusive of the mail system and the network. Chain letters waste valuable computing resources, and may be considered harassing. Creating or forwarding chain letters may subject you to STCC disciplinary proceedings.

The web has specific traffic limitations; a site without an academic mission should not consume extensive resources.

The web at STCC has a multitude of uses. Potential students can learn about STCC and even apply to STCC. Researchers can get information on programs at STCC. Alumni can peruse information especially for them. Students, faculty, and staff can
offer their web pages. Unfortunately, excessively popular pages can swamp the web so that these functions cannot be accomplished.

Any individual whose site gets 3% of the usage of the entire STCC web will be warned to reduce the traffic on their web. They will have 1 week to bring the traffic down to a reasonable level. 3% may not sound like much, but that is actually a large fraction of the resource, given how many people at STCC are sharing the resource. A site will be shut down if the owner has not managed to tame their web within a week.

A site which is over 5% of the traffic will be shut down immediately, as an emergency measure to preserve web functionality. Other grounds for immediate shutdown are copyright violations, commercial ventures, and other Acceptable Use
Policy violations.

It is possible that some web page, which is consistent with the academic mission of STCC, will become very popular, and we will try to deal with that situation should it arise. We have not yet seen crippling traffic problems from any pages of this sort, however.

Top

Don’t perform commercial activities on STCC facilities.

Commercial activity on the STCC network is only permitted for business done on behalf of STCC or its organizations, not for the benefit of private individuals or other organizations without authorization.

  • It is not permitted to run a private business on the STCC network.
  • The STCC’s name must not be used in ways that suggest or imply the endorsement of other organizations, their products, or services.
  • Fundraising and advertising may be conducted on the STCC network only under the supervision of officially recognized campus organizations.
  • Reselling network IP services over STCC’s network is not permitted.

Top

The Massachusetts Computer Crime Law

The Massachusetts Computer Crime Law, enacted on January 24, 1995 has four points:

  1. Any unauthorized access into any computer system, either directly, by network, or by telephone is prohibited.
  2. All electronically stored or processed data is now deemed as “property”. As such, any destruction or corruption of such data is illegal.
  3. Electronic copies of files will now be admissible as evidence in court.
  4. Computer crime can now be prosecuted and punished in either the county where the perpetrator was physically located or in the county of the computer system and data that were accessed.

Top