Any University-issued account is considered privileged information and should never be disseminated to any third party. Nor should any user knowingly allow another user to log in to a system with his/her account. While AAIT/ITS support technicians may need to obtain a user's logon id, no support technician should ever ask for a user's password. If an ITS or other support technician asks for a user's password, please communicate this to ITS immediately.
Users are responsible for password maintenance and for contacting the appropriate entity for assistance.
Network access is granted as a specialized business tool and is not a basic right of all students and employees. Network access may be revoked at any time if warranted by user abuse or violation of policy. Departments/offices are responsible for funding connectivity costs on behalf of their users.
Email
Use of University email systems, including operation of departmental email services on the University network, is subject to AAIT's Policy on Email:
This policy makes clear that email messages and their content are University property. The University has the right to read any and all messages on the authorization of the appropriate University official.
In addition to whatever preferred email addresses a user maintains, a standard email address with the @emory.edu suffix should exist for every user and should be checked regularly for important University news and announcements.
SOM ITS and the School of Medicine additionally stipulate the following conditions of use:
World Wide Web Access
Where appropriate, individuals may have access to the world wide web, utilizing HTTP protocol and web browser software to display information, obtain data or software, and access interactive data systems provided by external or internal resources. Use of this connection is restricted to business function and use of a personal nature is neither supported nor endorsed by ITS.
Excessive use of internet connectivity for personal endeavors, especially when such use is a detriment to one's job performance or a distraction to others, may constitute grounds for a diminished performance review and/or corrective disciplinary action per Human Resources policy:
File sharing, instant messaging, music, video, or other entertainment software are not supported by ITS. Certain uses of these types of software may violate other policies and may also have legal implications. See also Software.
Downloading of pirated, sexually explicit, and other materials which violate any University policy is strictly prohibited.
Internet users may not utilize their connections to run any internet-based services such as FTP, IRC, web, email, or DNS servers. Connectivity will be terminated for any station found to be running these services without explicit permission of the supervising office/department, and/or ITS where appropriate. See also Software.
Network logs may be scrutinized to assess appropriate use. ITS reserves the right to request records from Network Communication of any user suspected of excessive violation of these conditions of use, in accordance with NC policy and any applicable electronic privacy legislation. These records contain only the history of resources connected, and do not state the content of those interactions. ITS will never knowingly surveil the content of any user's web usage.
Information Systems and Databases
Users may be granted special access to certain data systems for project-based or ongoing use. Whenever access is granted to a secure data system, it to be considered privileged information and neither the content of the data nor instructions for accessing the data revealed to any third party.
Use of Information Systems outside of ITS/AAIT management is subject to the rules and conditions of those systems. Users assume responsibility for educating themselves on these systems and for observing all relevant policies and procedures.
Neither Emory University nor the School of Medicine assume any liability for upholding externally mandated IT policies; compliance is the sole responsibility of the individual user.
Hardware and Equipment
Unless warranted by special circumstances and approved by office/departmental administration and/or ITS where appropriate, all new equipment purchases should be made through the Emory Computer Store. ITS has defined various Med School Standard Configurations, generously equipped, competitively priced and pre-installed with all University licensed software.
All users must accede to allow ITS staff to make emergency modifications to equipment where network/data security is an immediate issue, regardless of disruption to business.
All equipment must be tagged and cataloged by University Property control. These tags may not be removed under any circumstances.
Any support tags or reference stickers on equipment may not be removed.
Users shall not abuse, misappropriate, or refuse to produce upon demand any University-owned equipment in their possession.
Users must physically secure workstations not intended for public use. This includes logging off or locking the station when leaving the computer unattended, closing and locking physical barriers such as doors and cabinets, actively monitoring the area for unauthorized use of equipment, and reporting potential misuse to ITS personnel.
Software
University AAIT supports the EmoryOnline suite of software, available for download at:
SOM ITS additionally supports special purpose software for the business functions of the Dean's Office, its administrative offices, students, as well as School of Medicine departments by service contract. Special purpose software (any non-Emory licensed or commercial software package not offered as part of EmoryOnline) is generally not supported.
Users introducing third party software into the environment must not do so without the knowledge and explicit approval department/office or ITS where appropriate. Nonstandard software must support a specific business function not met by the standard tools.
Napster, AOL Instant Messenger, and other peer-to-peer file sharing & communication utilities have been shown to cause network performance problems, as well as legal issues arising from the free distribution of copyrighted materials. As such, ITS does not condone the use of these types of software and assumes no responsibility or liability for consequences of their use.
Updated 09/11/2002: Recent influx of a variety of viruses and trojan horse exploits has been traced back to installations of peer-to-peer software such as Morpheus and Kazaa. These exploits have resulted in massive amounts of ITS staff time and resources being allocated to repair, as well as serious threats to the security and integrity of ITS-managed data and network services. Due to these issues, effective October 1, 2002, any ITS-managed desktop or server discovered to have any peer-to-peer file sharing software installed (excluding AOL Instant Messenger or similar instant messaging software) will have these applications uninstalled by ITS personnel and, if deemed appropriate per ITS discussion with department/office management, desktop security policies implemented to prevent their reinstallation. This action will not require user permission, and ITS will not be liable for any loss of data that results. Should desktop security policies interfere with the installation of other legitimate business applications, ITS will dispatch staff to perform these installations. Removal of desktop security policies implemented in this manner will require a written request to and authorization from the CIO.
Because these exploits have a tendency to affect and spread to other internal systems, ITS strongly encourages departmental support groups to take similar steps to ensure the integrity of the shared network environment.
Please also see AAIT's official statement on these types of software:
Use of server software such as email, web, and FTP server applications on ITS-managed desktops is strictly forbidden. Unmanaged or poorly managed instances of Internet Information Services (IIS) are the single most frequently exploited security threat in a TCP/IP networked environment. In fact, in many cases IIS may be installed and running without the user's knowledge, especially if non-standard equipment has been purchased or if ITS did not participate in the configuration of the workstation. If you have a question regarding the presence of these applications on your desktop, please contact ITS immediately. If there is a business need (for instance, the need for a local software development environment) for these types of applications, this need should be communicated to the ITS office so arrangements can be made for proper support and maintenance of such software. Any ITS-managed desktop discovered to be running email, web or FTP server software without ITS knowledge or authorization will be immediately disconnected from the Emory network and will have these applications removed prior to re-enablement.
All software used, regardless of whether University site licensure exists, must have a valid license. Users must abide by all terms of these licensing agreements. Software piracy entails serious penalties under law and users maintain responsibility for ensuring that all software installed on their stations is properly licensed. In centrally managed environments, ITS or other support organization will assume responsibility for licensing only on standard or approved software packages. This may include monitoring of use and mandatory uninstallation/reconfiguration of software on ITS-managed desktops to maintain compliance with copyright law and AAIT/ITS policy.
Information
Technology Services