The purpose of this standard is to establish the University’s standards for acceptable use of information resources and assets.
This guideline is applicable to UNC Charlotte faculty, staff, students and all authorized users granted use of University information resources. Protecting and preserving University information resources is a cooperative effort that requires each member of the University community to act responsibly and guard against abuses.
Direct any general questions about this standard to your unit’s Information Security Liaison. If you have specific questions, please contact ITS Information Security Compliance at ISComplianceemail@example.com.
Access to University information resources is a privilege granted to members of the University community which carries with it the obligation to use these resources responsibly. General standards for responsible use of University information resources includes respecting the privacy and rights of other users, sustaining the integrity of systems and related resources, and complying with all relevant policies, laws, regulations, and contractual obligations.
Use of University information resources is conditioned upon adherence to the following principles of responsible use:
- Observe all federal and state laws, regulations, and policies of UNC Charlotte in the use of University information resources.
- Respect the privacy and personal rights of others.
- Respect and preserve the performance, integrity, and security of University information resources.
- Cooperate with the university to investigate potential unauthorized and/or illegal use of University information resources.
- Protect the purpose of university information resources by ensuring that use does not result in improper commercial gain for the university, or personal commercial gain or private profit, except as allowed under University Policy 102.1, "External Professional Activities of Faculty and Other Professional Staff Exempt from the State Personnel Act" and corresponding policies and rules applicable to employees covered by the State Personnel Act.
- Respect the intellectual property rights of others by ensuring that use of University information resources does not violate any copyright or trademark laws, university licensing agreements (including licensed software), or University Policy 301, "Patent Policy."
The following activities are specifically prohibited and considered violations of responsible use of university information resources:
- Use of another user’s authentication credentials without his or her authorization;
- Accessing or transmitting information that belongs to another user or for which no authorization has been granted;
- Any attempt to make unauthorized changes to information stored on any University information resource;
- Unauthorized copying of information stored on any University information resource;
- Tapping network or telephone lines in violation of any federal or state law or University policy;
- Any action that jeopardizes the confidentiality, integrity or availability of any University computing, communication, or information resource;
- Use of university information resources that interferes with the work of other students, faculty, or staff or the normal operation of the University’s computing systems;
- Any attempt to bypass or aid others in bypassing the University’s information technology security systems and mechanisms without the prior express permission of the owner of that system;
- Copying or distributing software licensed to UNC Charlotte without authorization;
- Violation of federal, state or local laws, including copyright infringement;
- Use of University information resources for commercial purposes;
- Use of electronic mail messages or Web pages that constitute invasion of privacy, harassment, defamation, threats, intimidation, or discrimination on a basis prohibited by federal or state law or University Policy 501, “Nondiscrimination and Procedures for Addressing Reports of Discrimination.”
ISO/IEC 27002 was adopted by The University of North Carolina at Charlotte in 2012. All standards and guidelines are based on this code of practice for Information Security Management.
Initial Draft 7/9/15
Information Assurance Committee Approval 7/23/15