Information Technology Policies

Responsible Use of Information Resources Policy

Data Security Policy

Email Policy

Staff Laptop Issuance Policy

Laptop Battery and AC Adapter Replacement Policy

Responsible Use of Information Resources Policy

  1. Purpose

  2. Audience and Access Privileges

  3. Policy

    1. Sexual, Racial, and other forms of Harassment

    2. Authorized Use of Information Resources

    3. 

      Copyright and Lawful Use of Information Resources

    4. Integrity of Information Resources

  4. Privacy

    1. Specific Email Related Privacy

  5. Compliance with Policies & Law

    1. Violation of Responsible Use Policy

    2. Violation of Campus Policy

    3. Violation of Local/State/Federal Law Enforcement

    4. Enforcement

1. Purpose

The purpose of this policy is to define responsible and ethical behavior that guides use of information and learning technology resources at Wentworth Institute of Technology. Information and learning technology includes, but is not limited to laptops, desktop computers, workstations, network servers, mainframe computers, software, digital information, voice, video and data networks, classroom media and instructional technology. This policy is supplemented by all other college policies and by the policies of those networks to which Wentworth is affiliated, including but not limited to Colleges of the Fenway and related consortia (e.g. FLO). Applicable local, state, and federal laws also apply to information and learning technology users at Wentworth.

2. Audience and Access Privileges
This policy applies to all users of Institute computing resources, whether affiliated with the university or not, and to all uses of those resources, whether on campus or from remote locations.  The rights of academic freedom and freedom of expression apply to the use of university computing resources. So, too, however, do the responsibilities and limitations associated with those rights.

As a user of these resources, you are responsible for reading, understanding, and abiding by this document.

The use of Wentworth information resources such as networks, emails, web publishing is a privilege granted by Wentworth to members of its community or related parties. It is not a right, and the privilege is contingent upon compliance with this policy.

Please be aware: Anytime you log onto a network or access email or the internet, you are in a public forum. It may seem very private and secure but often not the case. The point of a network and the internet is connection and participation in a far-flung community. When making use of the resources of Wentworth, we simply need to remember that resources are shared, that we are partaking in a community act, and should conduct ourselves accordingly. 

3. Policy
Wentworth provides access to information resources to students, faculty, staff, and certain other users to support the mission of access to learning and to conduct business. Every authorized user of information and learning technology resources at Wentworth is responsible for utilizing these resources in an efficient, ethical, and legal manner and in ways consistent with the overall college policy and code of conduct.  Additional policies may apply to specific computers, computer systems, or networks provided or operated by specific units of the university or to uses within specific units.

The following principles serve to guide the responsible use of information and learning technology for all Wentworth users:

  1. Sexual, Racial and other forms of Harassment
    Respect the rights of others by complying with all college policies regarding sexual, racial and other forms of harassment, and by preserving the privacy of other individuals. For example, you should not send harassing messages via email or transmit or reveal personal or private information about individuals. Spoofing, or misrepresenting your identity or giving false or misleading email addresses, is strictly forbidden.
  2. Authorized Use of Information Resources
    Use computing facilities, accounts, data, hardware and software only when you have appropriate authorization and use them for approved purposes. For example, you should not use Wentworth information resources to breach the network or any other network’s security, access another individual’s computer account, access or download any copyrighted or illegally obtained materials. In addition no commercial use shall be made of network resources without express permission of Wentworth administration: this includes sales, advertising, and soliciting.

    Hacking, spamming, spoofing, attempting to break in, or breaking into any workstation, server, mass storage device, or ancillary hardware owned by or connected to the Wentworth network or any external network connected to the Internet is a violation of Wentworth policy and may result in disciplinary action. Wentworth does not condone, sponsor or support such activity and holds no liability for any possible legal action brought against any student, faculty or staff found to be in violation of this policy by Wentworth, outside agency or party.

    Your WIT Network Password protects access to LConnect, E-mail, files, your laptop and/or desktop, and much more. Keeping it secure is an important responsibility. Your password should never be written down or given to anyone other than yourself. WIT will never ask for you to email your password or complete an online form and provide your password.
  3. Copyright and Lawful Use of Information Resources
    Respect all pertinent licenses, contractual agreements, and copyrights. Use only legal versions of copyrighted software in compliance with vendor license agreements and requirements. For example, you should not post another individual’s copyrighted material on your webpage or any Wentworth server without express permission of the holder of the copyright, or install or copy software with a single user license on multiple computers or distribute via data devices. Respect and adhere to all applicable local, state, and federal laws. For example, you should not use Wentworth information resources to attack computers on Wentworth’s or another network by launching viruses, worms, or other forms of destructible attacks, publish online or distribute via email or web copyrighted or illegal materials.
  4. Integrity of Information Resources
    Preserve the integrity of computing systems, electronic data, and communication networks. For example, you should not modify any hardware or software on laptop computers or any settings on desktop computers. The primary purpose of information resources is to facilitate the academic mission at Wentworth and to grant an equal teaching and learning environment to faculty and students.     

4. Privacy
Every effort will be made to keep electronic resources, including but not limited to programs, files, data, and email belonging to an authorized user of information technology at Wentworth private Wentworth makes every effort to insure privacy and security for user accounts, networks, and computing resources.  Wentworth cannot guarantee security for all electronic resources.  If policy violations are discovered, they will be reported accordingly. Wentworth reserves the right and authority to examine files, emails, passwords, and account information to protect the security of Wentworth computing resources and its users. 
All users should respect the privacy of others. No user should attempt to access accounts or information without proper authority. 
Reasons for examination include but are not limited to performing system maintenance; preventing or investigating unauthorized access or system misuse, assuring compliance with software copyright and distribution policies, and complying with legal and regulatory requests for information.

  1. Email Privacy

    The confidentiality of electronic mail cannot be assured. Such confidentiality may be compromised by applicability of law or policy, including this policy, by unintended redistribution, or because of inadequacy of current technologies to protect against unauthorized access. Users should exercise extreme caution in using email to communicate confidential or sensitive matters. 

    Wentworth mail systems are not private communication networks. Although it is not the common practice of Wentworth to access email accounts, Wentworth reserves the right to access and to review information transmitted or stored on its equipment with or without notice. Users do not have a privacy right in materials created, sent, received, or maintained on these systems. Administrators of the campus computer network will access user accounts only at the direction of the authorized owner of the account and/or the Office of the President. 

    Passwords are only intended to diminish unauthorized access to email. They do not grant implicit privacy rights. Wentworth will not use this policy to infringe upon the confidentiality and candor of the teaching/learning relationship when the campus network is used for the transmission of course-related materials for instructional purposes. 

    Email is legally the property and responsibility of Wentworth and Wentworth maintains the right to ensure that all users comply with policy and the law. Accessing or attempting to access an email or computer account other than your own, or attempting to breach computer or network security measures is forbidden. 

    Chain letters such as “virus warnings” are not to originate from campus computers. Global messages should only be directed to those concerned and should clearly identify the sender by department or organization.  Anyone sending inappropriate global or widely broadcast mailings will receive a warning from an administrator of the system, an explanation of the problem and policy, and a notification that further abuse will result in curtailed emailing privileges. "Curtailed privileges" means removal from the campus system for a period of one week. Any abuse of the system beyond that could be grounds for further steps. In respect to mailing lists it is your responsibility to determine the purpose of the list before subscribing. You will be viewed as soliciting materials delivered by the list as long as the material is consistent with the list's purpose. If you send materials to a mailing list which are not consistent with the purpose of the mailing list, you will be viewed as having sent unsolicited materials. 

    Broadcasting unsolicited messages or sending unwanted mail is expressly prohibited. This includes personal announcements, solicitations, or use of email to harass, intimidate or otherwise annoy another person. This also applies to material originating from this campus but sent to other sites or persons on the Internet.

5. Compliance with Policies & Law:

All use of information resources must be in compliance with campus policies as stated in faculty, staff, and student handbooks, with published guidelines on student and professional conduct and with applicable local/state/federal laws. Student conduct guidelines are published in the "Wentworth Student Handbook," available from the Dean of Students Office and online at http://www.wit.edu/campus-life/student-affairs/PDF/2011-2012%20Student%20Handbook.pdf.

Minor infractions of this policy, when accidental, such as consuming excessive resources or overloading computer systems, are generally resolved informally by the unit administering the accounts or network. This may be done through electronic mail or in-person discussion and education.

  1. Violation of Responsible Use Policy 
    Repeated minor infractions or misconduct which is more serious may result in the temporary or permanent loss of computer access privileges or the modification of those privileges. More serious violations include, but are not limited to unauthorized use of computer resources, attempts to steal passwords or data, unauthorized use or copying of licensed software, repeated harassment or threatening behavior. Any violation of this policy may result in curtailment or loss of access privileges immediately pending review, and will be subject to any existing disciplinary procedures of Wentworth. 
 In addition, offenders may be referred to their sponsoring advisor, department, or other appropriate office for further action. If the individual is a student, the matter may be referred to Student Affairs for disciplinary action.
  2. Violation of Campus Policy 
    Student violations of campus policy will be referred to the judicial committee. Faculty or Staff violations of campus policy will be referred to the Provost Office and HR respectively. Penalties may range from warning, temporary suspension of email privileges, to permanent revocation of privileges. Violations of law will be reported to the appropriate legal authorities. 
  3. Violation of Local/State/Federal Law
    Violation of local, state and federal law may also subject users to prosecution by local, state and federal authorities. In any such prosecution or investigation, Wentworth will cooperate with authorities. Any offense which violates local, state, or federal laws may result in the immediate loss of all Wentworth computing privileges and will be referred to appropriate offices and/or law enforcement authorities. 
The administration of Wentworth retains the right to immediately suspend user network access, pending appropriate judicial review, if a serious infraction of policy is alleged.
  4. Enforcement
    Members of the Wentworth community who believe they have witnessed or been victim of violation of this policy should notify or file a complaint with the appropriate college office as follows. Students should report suspected violations to the Dean of Students. Faculty members should report suspected violations to the Vice President of Academic Affairs. Staff members should report suspected violations to their department head who may report the problem to the Vice President of Human Resources. Reports of suspected unauthorized use or misuse of Wentworth’s information resources will be investigated pursuant to procedures mentioned in 5 a, b, and c.

Data Security Policy

Purpose:

This policy defines the guidelines for the security and confidentiality of data maintained by Wentworth Institute of Technology, both in paper and electronic form. This policy also informs each person who is entrusted to access student, employee and/or institutional data of their responsibilities with regard to confidentiality and safeguarding Wentworth data.

This policy does not prevent the release of institutional data to external organizations or governmental agencies as required by legislation, regulation, or other legal vehicle.

There are two primary categories of data-handling and access defined in this policy.

  • Data Custodian
  • Data Guardian

Definitions:

Data Custodians

Data custodians function as gatekeepers for data that is collected and maintained by individuals in their divisions. Custodians are responsible for establishing access procedures for the administrative data available in their area and for approving access requests for that data. The table below indicates the administrative areas that maintain the college’s primary data stores and the respective data custodians.

Administrative Area Data Custodian
Alumni and Development Data Vice President, Institutional Advancement
Financial Data Vice President, Business Affairs
Financial Aid Data Vice President, Enrollment Management & Student Affairs
Human Resources Data Associate Vice President, Human Resources
Information Technology Data Vice President, Technology / CIO
Student Services Data Vice President, Enrollment Management & Student Affairs

Data Guardian

A data guardian is defined as anyone who, as a function of their position at Wentworth, possesses or has access to Wentworth administrative data, either electronic or otherwise. Guardianship and its associated responsibilities apply to individuals who dispense or receive data.

Department heads are responsible for signing off on data access requests for employees under their supervision.

Policy:

All custodians and guardians of administrative data are expected to manage, access, and utilize the data in a manner that maintains and protects the security and confidentiality of that information.

Procedure:

  • Institute employees, or others who are associated with Wentworth institute of Technology, who request, use, possess, or have access to college administrative data must agree to adhere to the protocols outlined above. In addition, guardians, custodians and data users are prohibited from:
  • Changing data about themselves or others except as required to fulfill one’s assigned Wentworth duties or as authorized by a supervisor. (This does not apply to self-service applications that are designed to permit you to change one’s own data.)
  • Using information to enable actions by which other individuals might profit.
  • Disclosing information about individuals without prior authorization by a supervisor.
  • Engaging in what might be termed "administrative voyeurism" (reviewing information not required by job duties) unless authorized to conduct such analyses. Examples include tracking the pattern of salary raises, viewing a colleague’s personal information and looking up someone else’s grades.
  • Circumventing the level of data access given to others by providing access that is broader than that available to them, unless authorized. For example, providing an extract file of employee salaries to someone who does not have security access to salary data is prohibited by this policy.
  • Allowing unauthorized access to Wentworth’s administrative systems or data by sharing an individual’s username and password.
  • Engaging in any other act that violates the letter and spirit of the policy, either purposefully or accidentally.

Improper Guardianship

In assuming responsibility for the interpretation and use of institute administrative data, guardians are expected to recognize the potential serious consequences of their improper guardianship. Improper maintenance, disposal, or release of Wentworth administrative data exposes the institute to significant risk, including lawsuits, loss of employee and student trust, and loss of funding.

Guardians who are found in violation of this policy will be subject to Wentworth disciplinary processes and procedures including, but not limited to, those outlined in the Student Handbook, the Wentworth Faculty & Staff Handbook and any applicable bargaining unit contracts. Illegal acts may also subject users to prosecution by local, state, and/or federal authorities.

Position Responsible:

Questions regarding this policy or the application of this policy to a specific situation should be referred to the Vice President for technology / CIO. Changes to this policy will be authorized by the approval of the Wentworth Technology Advisory Committee and the President’s Council.

Email Policy

Wentworth Institute of Technology employs technology resources to support its academic and administrative missions. E-mail is designed to facilitate enhanced teaching and learning; electronic communications between Wentworth faculty, staff, students, and other constituents; and efficient business electronic communications. All Wentworth full-time / part-time faculty, staff, students, and select constituents are provided with an Institute personalized e-mail address. Additionally, group e-mail addresses are assigned as approved by the Wentworth senior management.

Scope:
This policy is applicable to every individual and group assigned an active e-mail account by Wentworth Institute of Technology. This policy does supersede all Institute e-mail policies including, but not limited to, assignment, responsible use, privilege of use, misuse adjudication and possible penalties, backup and recovery, privacy, aging, and account termination upon separation from Wentworth.

Purpose:
The purpose of this policy is to identify electronic communications as an official means of Wentworth communications and to define the responsibilities of those who are assigned, and/or administer, an Institute e-mail account. It establishes the requirement that each e-mail custodian read, understand, and comply with this policy. This policy is supplemented by all other Wentworth policies, particularly including the policy on Responsible Computer Use.

Policy:
Wentworth Institute of Technology provides personalized e-mail accounts for all full-time / part-time faculty, staff, students, and select other constituents. E-mail is an official means of communication at Wentworth. Faculty, staff, students, and others assigned e-mail accounts are responsible for consequences associated with not reading Institute related communications sent to their official Wentworth e-mail address (username@wit.edu).

E-mail Account Assignment:
Personalized e-mail accounts are establish and assigned as follows:

  • Faculty and staff accounts are established and assigned upon hire date as directed by Wentworth Human Resources department.
  • Students accounts are established and assigned once accepted to the Institute and a reservation deposit has been paid or waived as directed by admissions.
  • All other e-mail accounts are assigned as needed to conduct business and/or facilitate an academic need.

Responsible Use:
All use of e-mail generated using Wentworth technological assets and/or routed through said systems will be consistent with other Institute policies, such as the policy on Responsible Use, and is subject to all local, state, and federal laws.

Privilege of Use: 
The use of Wentworth e-mail accounts is a privilege granted by the school to members of its community. It is not a right, and the privilege is contingent upon compliance with this policy.

Misuse Adjudication:
Violations of email policy will be referred to the appropriate adjudicating body of Wentworth. Email privileges may be suspended immediately pending review. E-mail misuse will be forwarded to the following officials based upon the classification of the offender:

  • Faculty violations will be reported to respective department chairmen and the Office of the Provost.
  • Staff violations will be reported to respective department heads and to Human Resources.
  • Student violations will be reported to the Student Services Judicial Review.
  • All other violations will be reported to respective supervisors and/or organization responsible.

Penalties for e-mail misuse may range from warning, temporary suspension of email privileges, to permanent revocation of privileges. Violations of law will be reported to the appropriate legal authorities.

Backup and Recovery:
Wentworth views Institute e-mail as a mission critical application and as such performs a comprehensive nightly backup operation on all assigned e-mail accounts. It is important to note that simple deletions of an e-mail does not necessarily constitute that the e-mail cannot be accessed or recovered.

Recovery of e-mail accounts, and/or specific e-mail messages, are performed on an as warranted basis and in association with Wentworth business and/or academic requirements.

Privacy:
Electronic mail is considered private, confidential information and will be kept as private as possible. Attempts to read another person’s e-mail will be treated with the upmost seriousness. No Wentworth employee, system administrator, or contracted associate will read any electronic mail unless deemed absolutely necessary in accordance with specific job requirements or by judicial subpoena. The Institute makes every effort to respect e-mail privacy and adhere to state and federal statute governing e-mail confidentiality. However, Wentworth reserves the right to investigate viruses, illicit activity, or network degradation issues that can be introduced through e-mail systems. Additionally, if requested by the person assigned to the e-mail account, appropriate technical support staff may enter the specific e-mail account to assist with problem identification and resolution.

E-Mail Aging:
New accounts are established with a default mail cleanup strategy which allows the system to automatically remove e-mails from the Inbox folder that are more than 150 days old to a System Cleanup folder. E-Mails that are older than 7 days are automatically deleted from e-mail. Only the Inbox and System Cleanup folders are affected. All other e-mail folders are not automatically reviewed or adjusted. People have been granted the option to be removed from the automatic e-mail maintenance policy by individual request for compelling academic and administrative reasons.

Account Termination:
In an effort to guard against inadvertent account deletion, Wentworth allows for a deactivation period. The deactivation period is initiated under the following criteria based upon applicable classification:

  • Faculty and staff e-mail account deactivation occurs upon notification from Human Resources. The account is left deactivated for a period of 90 days. After 90 days, the e-mail account is permanently deleted. Extensions and/or variations from this policy are considered on a case-by-case basis. Approval of extensions and/or variations requires applicable department head and Human Resources approval.
  • Student e-mail account deactivation occurs 120 days after separation from Wentworth through either graduation or withdrawal. Student e-mail accounts are then held in a deactivated status for a period of 360 days after which they are deleted. Extensions and/or variations from this policy are considered on a case-by-case basis. Approval of extensions and/or variations requires a strong, compelling reason and approval from the Office of Enrollment Management and Student Affairs.
  • Other e-mail accounts will be deactivated at the end of there useful life as determined by an annual review of such accounts. If deactivated, these accounts will remain deactivated for a period of 90 days at which time they will be permanently deleted.

Staff Laptop Issuance Policy

Overview 
Wentworth Institute of Technology is committed to providing the appropriate hardware solution for each fulltime community member. This policy addresses the need by some staff members to have mobile computing (a laptop computer) instead of a desktop computer. A decision to provide a laptop will be based upon a documented need, departmental approval, and available funding.

Eligibility 
Staff will be eligible for consideration for laptops. Laptops are authorized based upon job responsibilities, demonstrated need, and departmental approvals. The policy also recognizes the need for some shared departmental laptops and provides provision for purchase or out-of-cycle replacement under special circumstances.

Criteria for Eligibility

  • Staff who travel frequently (on and off campus) as part of their job
  • Staff who use specialized software.

Approval Process 
All requests for staff laptops must be approved by the requestor's Department Head. The Director of Purchasing will determine whether the purchase meets the approval process requirements, and how the laptop will be funded.

Approval Process Requirements

  • Only one computer will be provided by the Institute for each staff member; computers beyond this require written approval from the Department Head.
  • Staff members will need to fill out the Laptop Request Form stating the reason(s) he/she is requesting a laptop, and listing software and hardware needs. While criteria are indicated above, it is the responsibility of the Department Head to determine whether requests are in the interests of the Institute.
  • Unless the laptop is in stock, all orders (as for any technology equipment or software) must be processed through Purchasing. Exceptions to the current configuration, such as additional memory, display size or laptop weight, will need to be approved by the Department Head.
  • Requests for peripherals such as monitor, keyboard and mouse, docking station, spare batteries, or other consumables need to be included in the Request Form.
  • Ownership of the laptop computer will reside with the Institute and the laptop must be returned when job responsibilities no longer require a laptop, or employment ends.

Responsibility
It is the responsibility of staff members to take appropriate precautions to prevent damage to or loss/theft of laptop computers in their care. The staff member or department may be responsible for certain costs to repair or replace the computer if the damage or loss is due to negligence or intentional misconduct. Policies for appropriate use of Institute property as identified in the staff handbook or elsewhere will be used to determine whether liability due to negligent behavior exists.

Laptop Battery and AC Adapter Replacement Policy

Wentworth issued laptop computers and A/C adapters have a 3 year manufacturer’s warranty. This covers defects only, not physical damage. Batteries for these laptops have a 1 year manufacturer’s warranty. Wentworth provides replacement batteries and AC adapters when they are covered under the manufacturer’s warranty.

Wentworth may, subject to available funds, on a one time basis replace a battery that is out of warranty.

Students are responsible for replacing lost, stolen, or damaged batteries, and AC adapters.

Third party (non branded) batteries and power cords are acceptable replacements; students can purchase either branded replacements or third party replacements, either through the Laptop program web site or from other sources.

Best practices for maintaining battery life:

 

© Wentworth Institute of Technology   |   550 Huntington Avenue   |   Boston, MA 02115   |   617-989-4590