Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

computer use policy

From: John Isenhour <jisenhou () KENNESAW EDU>
Date: Thu, 15 May 2003 14:35:47 -0400
Edwards, Francis" <FEdwards () MC CC MD US>
Does anyone have a guideline or other "policy" document restricting

the

installation or use of specific software on institutional computers?


I used to teach grad level design of computer policy and
used the security policy RFC 2196 as a handbook, its at
 http://www.faqs.org/rfcs/rfc2196.html

I've always found that policy documents need to stay a bit nebulous
rather than specific in order to remain effective, so using
"disruptive" or
"illegal" is better than "KaZaa".
Academic policy is fundamentally different from some business or
military type policy in that ours is "you can do anything but this"
where as the other is "you can only do this and nothing else".

I like the policy set out by N.C. State University (used to work
there)
it is located at
http://www2.ncsu.edu/prr/informationtechnology/REG08.00.2.php

Northwestern University has a good Rights and Responsibility document
at
http://www.it.northwestern.edu/policies/itpolicy.html

The Electronic Frontier Foundation (EFF) has info on things to consider
when
creating a policy at
http://www.eff.org/CAF/faq/policy

And they also have their favorite "best policy" sections snippets from
various
universities at
http://www.eff.org/CAF/faq/policy.best

And finally, you can find a sort of master list of use policy (its a
little outdated) at
http://www.uoregon.edu/~llynch/acceptable.html

cheers,
john



John L. Isenhour, Ph.D.
Director of Information Technology Services
Kennesaw State University
Phone: 770-423-6620  Fax: 770-423-6706

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/memdir/cg/.
Previous By Date Next
Previous By Thread Next

Current thread: