To ensure the continued integrity of its information technology resources, facilities and controls, the University may audit, inspect and/or monitor network or resource usage, at any time, without notice. The University may limit or terminate the network access of any user who is in violation of any University or Information Technology (IT) policies.
Examples of improper use include, but are not limited to the following:
- Unauthorized access to network or electronic data in any form;
- The use of another’s password or account;
- The use of University data, networks or IT resources for commercial or political purposes;
- The unauthorized alteration of electronic files, including any disruption or interference (hacking / spam / viral programs);
- Software license or intellectual property violations;
- The violation of any University policy, local, state or federal law, harassment or defamation.
Users with access to confidential, privileged or financial data protected by law or University policy must adhere to the following security requirements:
Desktop security: All computers must be secured and non-approved software removed. Only approved software may be installed. Individual users on administrative systems may not add or remove software without Information Technology involvement. USB ports will be disabled to prevent the transportation or misuse of confidential information.
Internet: Internet browsing will be limited to approved, business websites by unit Directors. Personal webmail such as Yahoo, Google, etc. is not allowed.
Passwords: Frequent password changes will be required using unique combinations of alphanumeric and character sets such as “#, !” and so forth. Staff must not share passwords.
Remote Access: Remote access will be limited to LIU-owned computers utilizing virtual Citrix software that prevents the accidental transfer of information. All remote access must be authorized for business operation continuity purposes and approved by a University Officer.
Laptop security: Laptop use is not authorized for persons with access to extremely privileged information due to the risk of loss and associated threat of security breach. When laptop usage cannot be avoided, strong data encryption must be applied.
The University may also restrict unlimited electronic access. If an imposed limitation interferes with a user’s bona fide educational or research activities, the user may direct a written request for a waiver to his or her Department Chair, who, on approval, shall forward the request to the appropriate Dean for review. The University reserves the right to limit the use of information technology resources based on institutional priorities, technical capacity and fiscal considerations.
Article 156 of the New York State Penal Code and federal law (18 USC §§ 1030, 1302, 2252, 2501) impose criminal sanctions for certain offenses involving computers, software and computer data, including unauthorized use, fraud, computer trespass, computer tampering and unauthorized access to student records. Misuse of the University’s information technology resources is subject to disciplinary and/or legal action.