Home » Security for Faculty & Staff » What You Should Know » Responsible Computing for Faculty and Staff

Responsible Computing for Faculty and Staff

As a faculty or staff member of the Texas A&M University System, you must take proper precautions to safeguard your accounts and information associated with them. State law requires that all authorized users of the institution of higher education's or state agency's information resources formally acknowledge that they will comply with security policies and procedures of the institution or agency before they are granted access to information systems.

Your Responsibilities

Since computing accounts uniquely identify each user, you are generally responsible for any activity generated by your account.

Safeguard Your Account(s)

  • Do not share your account(s) with others.
  • Lock your workstation whenever you step away.
  • Log out of sites when finished where you have entered your username and password.
  • Disable any file sharing capabilities that you may have enabled with a file-sharing program (e.g., Limewire or BitTorrent) to help prevent unintended access to your computing files and to ensure your computer is not offering copyrighted material.
  • Protect confidential information under your account, or to that which your account has access, by whatever means are within your ability (e.g., using encryption).

Comply with University Rules and System Policies

  • These also include all relevant laws (local, state, and federal), license agreements (e.g., copyright), and contracts.
  • Use computing resources only for their intended purposes or incidental personal use (see Inappropriate Use of Computing Accounts and Resources).

Consequences for Failing to Fulfill Your Responsibilities

  • Restriction or denial of access to computing resources or computing privileges.
  • Other disciplinary action by the university or agency.
  • Law enforcement involvement.

Inappropriate Use of Computing Accounts and Resources

Important Note: Report suspected illegal or inappropriate use to your departmental IT staff and/or supervisor, or a designated reporting function (e.g., at Texas A&M University, go to complaint.tamu.edu).

  • Allowing someone to use your account or using someone else's account.
    • This includes using a computer that has not been logged out of by the previous user (even if you're not doing anything illegal or inappropriate under the account).
    • NOTE: If you allow someone to use your account, you are responsible for the activity generated by your account. On the other hand, if someone uses your account without your knowledge, you are only initially responsible for the account activity.
  • Using your account or computing resources for unauthorized commercial purposes or personal gain.
    • Operating or supporting a non-university/agency-related business.
    • Sending electronic advertising or spam.
  • Assuming the identity of someone else without their permission.
    • Subscribing others to mailing lists, or unsubscribing them, without their permission.
    • Sending forged, "official" emails.
  • Using your account or computing resources for illegal activities.
    • Viewing or possessing child pornography.
  • Gaining unauthorized access.
    • Breaking into systems or accounts by cracking passwords.
    • Exploiting vulnerabilities to gain elevated privileges.
    • Altering, copying, or deleting data not belonging to you.
    • Attempting to circumvent security measures on any network or computer without the permission of the owner.
  • Intentionally destroying or damaging equipment, software, or data belonging to the university, agency, or other users.
  • Attempting to degrade the performance or disrupt the operation of a computer system or network.
    • Flooding the network with email bombs.
    • Releasing or spreading malicious programs, such as viruses, worms, and Trojan horse programs.
  • Committing or assisting in acts of theft.
  • Using computing resources to harass, threaten, or libel someone.
    • Emailing obscene, indecent, or lewd material or other material that explicitly or implicitly refers to sexual conduct.
    • Using email or newsgroups to threaten or stalk someone.
    • Transmitting unsolicited information that contains profane language or relates to bigotry, sexism, or other forms of prohibited discrimination.

Incidental Personal Use of University Computing Resources

There is an "Incidental Personal Use" exception to the general prohibition against the use of computing resources for anything other than official state business. It states that employees may occasionally use computing resources for personal reasons, as long as it does NOT:

  • Result in additional cost to the state or your university or agency;
  • Result in financial gain for the user;
  • Concern business purposes where the business is owned by the employee or the work is done for another business (e.g., consulting work);
  • Occur excessively or for long durations;
  • Interfere with assigned job responsibilities;
  • Violate existing rules, policies, or laws.

In short, act responsibly and ethically with university resources to which you have been granted access.