and network resources are provided for the use of School of Information
Technology and Computer Science (SITACS) students and staff in support
of teaching and research. All users are responsible for ensuring that
they use these resources in an effective, ethical and lawful manner.
document describes the acceptable use of information technology and
applies to all School users of IT resources.
is the University of Wollongong
is the School of Information Technology and Computer Science
resource refers to:
University network services, computer equipment and software owned,
leased or used under licence by the University.
resources maintained by other bodies but available for use through
an agreement or agreements with the University.
IT resources accessed with University resources
user is any student or staff member of the School or any person officially
engaged to undertake School business who uses University IT resources
in their role.
is authorised user.
is an access control mechanism to identify and authenticate an individual.
This commonly takes the form of a username and password. An account
may have associated with it access to resources such as access to equipment
or file storage.
must observe all applicable policies and law governing the use of IT
resources regardless of location where access is by means of University
IT resources. University policies can be found at http://www.uow.edu.au/its
or copies can be obtained from ITS.
are normally established only for individuals. Accounts established
for individuals are for their use only. Users shall not use or access
any other users account with the exception of authorised University
IT support staff while undertaking their duties.
must ensure that the authentication mechanism to their account remains
secret and is effective. Non-guessable passwords should be used and
passwords shall not be disclosed to any person except at the discretion
of the user as described below.
shall not request access to the secret authentication mechanism for
any persons individual account except where an University IT support
person requires access to a persons account to perform their duties
and other means of access are not reasonably possible. Where an authorised
University IT support person requests a users secret account authentication
details it may be provided by the user at their discretion.
are responsible for any activity carried out using their accounts.
are to be used solely for those purposes authorised by the University.
The user is responsible for the proper use of the account including
following recommended procedure for password protection. Access to information
is provided on a confidential basis and that confidentiality is to be
respected. Where access to IT resources is provided without a formal
account and/or password the provisions of these rules still apply.
to technical limitations, software bugs, system failures and human nature
data confidentiality cannot be guaranteed. Network data transmissions
may not be secure. Sensitive or confidential material should be encrypted
or sent by an alternative method. E-mail should be viewed as equivalent
to mailing a postcard rather than a sealed envelope.
should be aware other policies apply in relation to privacy.
shall be aware of and comply with any copyright and licensing conditions
of data including software stored or transmitted on IT resources.
users shall not use any IT resource to violate the terms of any software
license agreement or copyright provisions. For example, users shall
not copy, disclose or transfer any commercial software provided by the
must show identification including University affiliation upon request
to authorised University staff.
than specifically designated public services, the use of all IT resources
is restricted to University users.
IT resources shall be used for their intended authorised purposes. Incidental
personal use is allowable.
user may not use any IT resource for the purpose of profit-making or
commercial activity unless written permission has been obtained from
the IT Director or a nominee.
shall not use IT resources to harass others or to interfere with their
work. For example to send or publish obscene, abusive, fraudulent, threatening,
repetitive, chain style or advertising (SPAM) messages to a user or
users is a breach of this policy.
shall not attempt to deny or interfere with service to other users
means of, for example, "resource hogging", distribution of
computer worms, viruses or mail bombing.
shall not attempt to modify IT resources, illegally obtain extra resources,
degrade the performance of any system or attempt to subvert the restrictions
associated with any computer system, computer account, network service
or software protection.
shall not attempt to repair or alter the operation of any IT equipment.
Faults should be reported to School Technical Support in the first instance
or to staff or to ITS.
shall not supply services via the network except with the permission
of the Head of School or nominee. Adherence to the Device Security Policy
is required when running services.
shall not attempt to conceal their identity or masquerade as another
person when using IT Resources.
shall only access, modify or remove data stored on IT resources for
which they have authority to do so.
IT personnel require access to data files and accounts under the following
make backups for the purpose of data loss recovery.
the permission of the user.
diagnose system problems or to investigate suspected violations of
will be maintained in cases where action is taken against a user.
IT personnel should maintain a professional and ethical approach to
their work. The SAGE-AU (System Administrators Guild of Australia) Code
of Ethics is an appropriate guide.
the sender is aware of the exact recipients of a mail list (ie lists
with small numbers of members) all mail to lists shall:
confined to the body of the message (ie no attachments)
short (ie less than 100 lines)
relevant to the purposes of the list
addition users shall comply with usage rules specific to certain lists.
Specifically, the all staff lists shall only be used for broadcasting
information such as:
problems with communication services or utilities
to pre-announced schedule or notification of an important event to
occur within the following 24 hours
related issues of significance to the majority of University staff.
administrators are authorised to apply certain penalties to enforce
applicable policies. Such penalties may include temporary or permanent
reduction or elimination of access privileges. This may apply to computing
accounts, networks, computing rooms, and other services or facilities.
user accused of a violation will be notified of the charge and have
an opportunity to respond before a final determination of a penalty.
If a penalty is imposed, the user may request a review by the Head of
in the opinion of the System Administrator the violation warrants action
beyond a System Administrator's authority he or she may refer the case
to other authorities such as to the School's disciplinary body appropriate
to the violator's status, to an employee's supervisor or to a law enforcement