III.E. Appropriate use of Technology and Electronic Communications

From BSC Policy
Jump to: navigation, search

Purpose and Scope

The purpose of this policy is to identify guidelines for the use of Berkeley Student Cooperative technologies and communications systems. This policy establishes a minimum standard that must be upheld and enforced by users of the organization’s technologies and communications systems. The term “user” as used in these policies refers to employees (whether full-time, part-time or limitedterm), members, officers, directors, house-level managers, independent contractors, consultants, and any other user having authorized access to, and using any of, the Organization’s computers or electronic communications resources. Computer and electronic communications resources include, but are not limited to, host computers, file servers, stand alone computers, laptops, PDAs, printers, fax machines, phones, online services, email systems, bulletin board systems, and all software that is owned, licensed or operated at the central level by Berkeley Student Cooperative. The policy is not intended to govern the use of house-level technology except with respect to the remote use of central level technology.


Acceptable Use of Organization Property

Use of the Organization’s computers and electronic communications technologies is for program and business activities of Berkeley Student Cooperative. These resources shall be used in an honest, ethical, and legal manner that conforms to applicable license agreements, contracts, and policies regarding their intended use. Although incidental and occasional personal use of the Organization’s communications systems are permitted, users should not have an expectation of privacy and acknowledge that Cabinet may, from time to time, authorize the Executive Director to research email correspondence to meet an organizational need. In addition, the information, ideas, concepts and knowledge described, documented or contained in the Organization’s electronic systems are the intellectual property of Berkeley Student Cooperative. The copying or use of the Organization’s intellectual property for personal use or benefit during or after employment, membership, or other period of contract with Berkeley Student Cooperative is prohibited unless approved in advance by the Executive Director. All hardware (laptops, computers, monitors, mice, keyboards, PDAs, printers, telephones, fax machines, etc.) issued by Berkeley Student Cooperative is the property of the Organization and should be treated as such. Users may not physically alter or attempt repairs on any hardware at any time. Users must report any problems with hardware to the Computer Systems Administrator.


Password Security

Users are responsible for safeguarding their login passwords. Passwords may not be shared, printed, or stored online without the prior approval of the Computer Systems Administrator. Users should not leave their computers unattended without logging off. If a user suspects that the secrecy of their password has been compromised they should report this to the Computer Systems Administrator immediately and initiate a password change request. Passwords should contain at least 7 characters and be complex. They should not be a dictionary word, your son or daughters name, etc. Passwords should be made up of a combination of the following: letters, numbers, special characters, upper and lower case characters. The Organization enforces a password change policy every six months. Unique passwords are required at each change.


Confidentiality

All information about individuals, families or organizations served by Berkeley Student Cooperative is confidential. Unless mandated by law, a court order, or an administrative order, no information may be shared with any person or organization outside Berkeley Student Cooperative without the prior written approval of the individual, family or organization and the Executive Director.


E-Mail Communications

The Organization may communicate with its members, donors, customers, alumni, vendors and clients via e-mail. E-mail is not a secure or private communications mechanism, nor should employees, officers, directors, or members treat it that way. Sensitive or confidential information should not be sent via e-mail over the Internet without password protection or encryption. Employees should exercise care in the use of e-mail and in the handling of e-mail attachments. If an email is from someone you do not know, or if you were not expecting an attachment, do not open it, delete it. The user should contact the Computer Systems Administrator if there are questions as to the validity of the message and attachment.


Anti-Virus Controls

The Organization maintains current anti-virus controls on its computer systems. This includes servers and personal computers. The system will automatically download and distribute virus signature updates to all systems. The anti-virus software is monitored by the Computer Systems Administrator. Regular file system scans of all systems are conducted automatically. Users are prohibited from disabling or altering the configuration of the anti-virus software. Users are also required to report any suspicious activity on their computers to the Computer Systems Administrator. This activity includes, but is not limited to: cursor or mouse moving on its own, hard drive thrashing without user input, uncharacteristically slow performance, a change in behavior of the system, etc.


Disposal of Computer Equipment

Berkeley Student Cooperative will take appropriate steps to make it impossible to retrieve any data from retired computer equipment. These steps will include but will not be limited to running “fileshredding” software on all electronic media, including computer hard drives, prior to disposing of computer equipment. This software should perform low-level formatting or use a “wipe” utility that follows the Department of Defense (DoD) standard 5220.22. The software overwrites all areas of the computer’s hard drive in a manner that makes it impossible for subsequent users to retrieve any of the data on the hard drive. This procedure shall be performed by Berkeley Student Cooperative’s Computer Systems Administrator. Use of Berkeley Student Cooperative’s electronic communication systems to copy, modify, or transmit documents, software, information or other materials protected by copyright, trademark, patent or trade secrecy laws, without obtaining prior written permission from the owner of such rights in such materials, is prohibited.


Download/Installation of Software

The installation of new software on central level workstations without the prior approval of the Computer Systems Administrator is prohibited. If an employee, officer, director, or member desires to install any new programs, written permission should first be obtained. Software should not be downloaded onto central level workstations from the Internet. This is a common mechanism for the introduction of computer viruses. If Internet-based software is needed, the Computer Systems Administrator should be contacted to perform the download and testing of the application prior to installation.


Other Prohibited Uses

Other prohibited uses of the Organization’s central level communications systems include, but are not limited to:

  1. Engaging in any communication that is discriminatory, defamatory, pornographic, obscene, racist, and sexist or that evidences religious bias, or is otherwise of a derogatory nature toward any specific person, or toward any race, nationality, gender, marital status, sexual orientation, religion, disability, physical characteristic, or age group.
  2. Browsing, downloading, forwarding and/or printing pornographic, profane, discriminatory, threatening or otherwise offensive material from any source including, but not limited to, the Internet.
  3. Engaging in any communication that is in violation of Federal, state or local laws.
  4. Proselytizing or promoting religious beliefs or tenets.
  5. Campaigning for or against any candidate for political office or any ballot proposal or issue.
  6. Using unauthorized passwords to gain access to another user’s information or communications on the Organization’s systems or elsewhere.
  7. Advertising, solicitation or other commercial, non-programmatic use.
  8. Knowingly introducing a computer virus into the communications systems or otherwise knowingly causing damage to the systems.
  9. Using the systems in a manner that interferes with normal business functions in any way, including but not limited to, streaming audio from the Internet during business hours, stock tickers, Internet gaming, installing unauthorized software, etc.
  10. Excessive personal use of technologies that preempts any business activity or interferes with organizational productivity.
  11. Sending email messages under an assumed name or obscuring the origin of an email message sent or received.


Disciplinary Action for Violations

Berkeley Student Cooperative requires all users to adhere to this policy. Violations of this policy will result in disciplinary action, which could include termination of employment or cancellation of contracts.


Reporting of Suspected Violations

Suspected violations of these policies should be immediately and confidentially reported to your immediate supervisor. If you refer not to discuss it with your supervisor, you may contact the Executive Director or any member of the Audit Committee.