Information Technology Policies
- Information Technology Use Policy (see below)
- Bowdoin College Compliance Protocol: U.S. Copyright Act and The Digital Millennium Copyright Act Sound and Video Recordings
INFORMATION TECHNOLOGY USE POLICY
Bowdoin places a strong emphasis on integrating technology into your academic and social experience. Upon arrival, students have access to the latest tools, informed consultants, and focused training to take full advantage of Bowdoin’s technical resources. Remember that many of your classmates may already know the answer to your questions. Ask them first, it is a great way to get to know someone. If you still have questions, Bowdoin’s Help Desk is available with extended hours throughout the week.
The Chief Information Officer leads an Information Technology (IT) Division that engages faculty and students to incorporate technology into their teaching, learning, research, and life. From classrooms to dorm rooms, access to technology is everywhere. Resources available to students include personal e-mail accounts; wireless Internet access everywhere on campus; network storage; video conferencing capability; cable television; VoIP telephone systems; and voice mail. IT also provides a full-time Help Desk that supports Macintosh, Windows, and Linux computers and includes a student-run Help Desk. Additionally, IT is able to offer a number of site-licensed software such as the Adobe Suite, Microsoft Office Professional, ESRI’s ArcGIS, and other specialized academic and administrative applications.
Other services that IT provides include technical, design, editorial, and project development consulting. IT is constantly exploring technology trends while also adopting the best solutions in business and higher education to deliver easily accessible, cost effective, secure, stable technology services over one of the fastest campus-wide gigabit networks in the nation.
In addition to sixteen academic department computer labs, there are nine public labs and more than two hundred publicly available computers and twenty public print stations scattered around the campus.
If you have an idea or solution that uses technology to improve the lives of students at Bowdoin, please share it with the CIO. It just might get funded!
The purpose of this policy is to define acceptable use of the College’s IT resources. This document also details College policy regarding privacy, personal use, security, and data storage, and outlines associated compliance requirements and enforcement procedures.
This policy establishes a common understanding between Bowdoin College and users of College IT resources. As a condition of using Bowdoin’s IT systems, all users, including guests, must agree to abide by the terms of this policy.
This policy governs the use of all IT resources owned, operated, or contracted by Bowdoin College. These include, but are not limited to, network infrastructure, servers, desktop workstations, peripherals, remote access resources, public and departmental computer labs, databases and software applications, and telecommunications systems.
The College’s IT resources are provided for the use of authorized College community members. College community members encompass College staff, faculty, students with official standing, alumni, and others associated with Bowdoin who have credentials to access the College’s IT resources. Guests using Bowdoin’s IT resources are also subject to this policy.
NOTE: Specific policies and examples listed below are not exhaustive; general College rules governing deportment and responsible behavior also apply. For example, obscene, false, or harassing messages are just as unacceptable when sent by e-mail as they are when expressed by other means.
3.1. Responsible Use
While using Bowdoin College’s IT resources, USERS MUST:
Abide by all local, state, and federal laws and regulations, including those related to the Internet, electronic communications or commerce, copyright, trademark, and intellectual property.
- Adhere to all College policies.
- Keep confidential data restricted by not disclosing such data to any unauthorized person.
- Use campus electronic mailing lists appropriately.
- Observe the specific rules governing the use of public or departmental computing labs.
While using Bowdoin College’s information systems, USERS SHALL NOT:
- Intentionally interfere with or cause disruptions to the normal, proper, and expected operation of Bowdoin’s IT systems.
- Tamper with or disable security systems implemented by the College.
- Use College IT resources for any commercial purpose unrelated to official College business.
- Send unsolicited bulk e-mail, such as “spam.”
- Use shared network resources assigned to another user or group of users, without their authorization. For example, sending print jobs to another user’s printer—without that user’s approval—is prohibited.
- Access data that the user is not authorized to access or access another user’s files or data without permission (except for administrative purposes as specified below in Section 3.2).
- Damage or disable any College-owned hardware components, software, or computing facilities.
- Knowingly run applications that contain computer viruses, worms, or other potentially destructive applications or hardware.
- Use “backdoor” or other programs or devices to penetrate the College’s firewall, servers, or any other network perimeter security measures or devices.
- Maintain or use an account after withdrawing from the College as a student or terminating employment with the College except as permitted by the Chief Information Officer.
- Engage in any illegal or criminal activity, such as downloading child pornography, involving the College’s IT systems.
While the College values and respects the privacy of its staff, faculty, students, and other users, the intrinsic nature of electronic records places limits on the extent to which the College can guarantee a user’s privacy. Despite security protocols, communications over the Internet—and across the College’s local campus network—can be vulnerable to interception and alteration. Consequently, the College cannot assure that absolute privacy can be maintained for data that reside on the College network or on storage media.
Out of respect for personal privacy, the College does not routinely examine the contents of data or files in user accounts. However, on occasion, circumstances may require an examination of a user’s files to maintain system security, to administer or maintain system integrity, or in response to legal mandate. In such cases, authorized personnel may examine a user’s data without notice. Authorized personnel are those specifically entrusted and approved to conduct such examinations by the chief information officer, or others, as determined by the College’s IT Committee.
Some data are subject to strict access restrictions, such as library patron records and data protected by the Family Educational Rights and Privacy Act (FERPA). The Library, the office of the registrar, and other departments that administer confidential data may enforce more stringent access policies.
3.3. Personal Use
Personal use is defined as the non-academic, non-administrative use of Bowdoin’s IT systems. Such use is solely discretionary; it neither serves an essential employment function nor is it related to academic discourse. Data that result from personal use are “personal data.”
Personal use of Bowdoin’s IT resources is secondary to performing essential College functions using such resources. If personal use of College IT resources interferes with or causes disruptions to the essential functions of the College performed by IT, then authorized personnel (as defined in Section 3.2 above) may curtail such use.
3.4. Passwords and User IDs
The system of accounts, passwords, and user IDs plays an important role in protecting the files and privacy of all users. Because users are responsible for all use made of their account, users must take exceptional care to prevent unauthorized use of their account. This includes changing passwords regularly and disabling “automatic” log-ins.
In most cases, it is inappropriate—and perhaps dangerous—to allow another person to use another user’s network credentials or e-mail account. In some cases, a user’s data are vulnerable to alteration or deletion. In others, the veracity of a user’s credentials could be compromised. Alternatively, if criminal activity can be traced to a user’s account, the person to whom the account is assigned will likely be held accountable. The College, therefore, reserves the right to restrict or prohibit password sharing.
In addition, the College reserves the right to implement and enforce password maintenance procedures, including detecting and disabling “weak” passwords and implementing password “aging” mechanisms. Weak passwords are those that may be easily “cracked,” guessed, or discovered, such as a user’s birth date or name. Password aging refers to a process that requires users to change passwords at predetermined intervals.
3.5. Data Storage and Back-ups
The College maintains a centralized repository of data stored in user accounts on the College network. This includes all the data that a user creates and saves on the College’s network storage devices. It also includes saved e-mail messages, attachments, files, and folders. Some departments, also maintain data back-ups.
The College reserves the right to restrict the amount of network storage available for users. This includes the prerogative to impose quotas on the number and/or size of stored files. The CIO regulates the availability of central network storage to which each user is entitled. Departments that maintain independent back-ups, may also regulate storage capacities for data under their purview.
Data files are routinely backed up on a daily, weekly, monthly, and/or yearly basis. These back-ups facilitate the restoration of College data that have been lost, altered, or damaged. The College will not routinely retrieve backed-up personal data (as defined in Section 3.3 above). Users, therefore, are encouraged to maintain independent back-ups of their important personal data, including e-mail messages. Bowdoin College disclaims any responsibility for maintaining or providing access to backups of a user’s personal data.
For data backed up by the IT department, retrieval or restoration is at the discretion of the CIO. For data backed up by other departments, retrieval or restoration is at the discretion of the administrator responsible for that department.
The College implements appropriate “industry-standard” practices concerning the security of the College’s IT resources. These methods are designed to protect against unauthorized access, intrusion, or damage to the availability, access, or integrity of the College’s IT systems. However, due primarily to the nature of security threats and the remote possibility of a breach of security, the College warrants neither a user’s privacy nor the integrity of data stored on the College network.
3.7. Copyright, Trademark, and Domain Names
Users must comply with all copyright, trademark, and other intellectual property laws. In general, permission is necessary for a user to reproduce materials, such as video, music, images, or text. To “reproduce” in this context includes downloading and saving a digital copy to a hard drive, floppy, or other storage media. Photocopying copyrighted materials without authorization is also prohibited. Certain exceptions apply, such as “Fair Use.”
In addition, users must generally obtain permission from the copyright owner to prepare derivative works, including modifying existing works. Copyright law also prohibits the distribution, display, or performance of works created by another without a proper release.
The College possesses trademark rights in certain symbols and phrases such as images of the Bowdoin Polar Bear and the Bowdoin Sun. The words “Bowdoin” and “Bowdoin College” are also College trademarks. Unauthorized use of these trademarks is not permitted.
Additionally, the College owns certain Internet domain names. These include “bowdoin.edu,” “bowdoincollege.edu,” “bowdoincollege.com,” and others. Registration of domain names incorporating or referencing College trademarks is prohibited without the approval of the senior vice president for finance and treasurer. The College, at the discretion of the senior vice president for finance and treasurer, may acquire other domain names.
3.8. Web Pages
College departments, organizations, or other individuals associated with the College, such as grant recipients, may create Web pages and store these files on College network servers. Additionally, faculty, staff, and students may create and post personal Web pages on the College Web site. To help ensure the security and the functionality of College Web servers, The College may impose a quota on file size, prescribe file types, or determine other limiting factors.
In general, the College does not control the content of personal Web pages created by faculty, staff, or student authors. Web content, however, must adhere to College policy and applicable laws, especially regarding harassment, sexual misconduct, and copyright. The College reserves the right to remove or disable noncompliant Web sites, Web pages, or any portion of a Web site posted on College Web servers.
3.9. Compliance and Enforcement
All users of the College’s IT resources must abide by this policy. Users not wishing to agree to and comply with this policy will be denied use of or access to Bowdoin’s IT resources.
The CIO is responsible for the interpretation and enforcement of this policy. He may also grant written exceptions to specific clauses of this policy. Appeals of the CIO’s determinations may be addressed to the senior vice president for administration and treasurer.
College community users who intentionally violate this policy are subject to disciplinary action by the College consistent with established College due process. At the discretion of the CIO alleged violations of this policy may be referred to the appropriate senior staff manager or College disciplinary body, such as the Judicial Board, the Sexual Misconduct Board, the Bias Incident Group, or others. In addition, the director of human resources may conduct an investigation regarding the alleged infraction. Violators may also be liable for civil damages and/or criminal prosecution, if applicable.
Guest users of publicly available College IT resources are also subject to the terms of this policy. While explicit acceptance of this policy is not required for guests to access these limited IT resources, guests are accountable for their actions while using College IT resources. Guests who violate this policy will be asked to cease use and may be barred from further access. If a guest user violates federal, state, or local law while using College IT resources, the CIO may report this activity to the appropriate governmental enforcement agency.
3.10. Dissemination and Revisions
This policy is posted on the College website. Notice of changes to this policy will be sent by e-mail to all affected College community members.
The CIO is responsible for maintaining and administering this policy, including revising it when necessary. Bowdoin College reserves the right to amend or revise this policy at any time without prior notice to users.
The most recent version of the policy will be the version in effect. Changes to this policy are effective upon posting to the IT Web site.
4. Limitation of Liability and Indemnification
Bowdoin College is not responsible for the actions of individual users of the College’s IT resources. In no event will the College be liable to any user for damages suffered by a user as a result of his/her use of the College’s IT resources, or as a result of the unavailability, malfunction, or misuse of the College’s IT resources.
Each user hereby agrees to indemnify and hold Bowdoin College harmless from and against any and all claims, demands, liabilities, costs, and expenses, including attorneys’ fees, arising out of or resulting from any violation by the user of the terms of this IT Use Policy.
5. Related Policies
5.1. Information Technology Policies
6. Contact Information
For additional information regarding this policy, please contact:
Mitchel W. Davis
Chief Information Officer
9600 College Station
Brunswick, ME 04011