Acceptable Use Policy

Adopted April 2010 • Revised March 2024,

1.0 Overview

The Information Technology Department is committed to protecting Greenfield Community College's students, employees, partners and the college from illegal or damaging actions by individuals, either knowingly or unknowingly. The GCC Information Technology Department wants to preserve our culture of openness, trust and integrity.

GCCNET - Internet/Intranet/Extranet-related systems, including but not limited to computer equipment, software, operating systems, storage media, network accounts providing electronic mail, web browsing, and Secure File Transfer Protocol (SFTP), are the property of Greenfield Community College. These systems are to be used for business and academic purposes in serving the mission and principles of the college and of our students and employees in the course of normal operations.

Effective security is a team effort involving the participation and support of every Greenfield Community College employee, student, and affiliate who deals with information and/or information systems. It is the responsibility of every user to know these guidelines and to conduct their activities accordingly.

2.0 Purpose

The purpose of this policy is to outline the acceptable use of computer equipment and information technology systems at Greenfield Community College. These rules are in place to protect the employee, student and Greenfield Community College. Inappropriate use exposes Greenfield Community College to risks including malware attacks, compromise of network systems, non-public data, services, and legal issues.

3.0 Scope

This policy applies to employees (full-time, part-time, and temporary), students, contractors, consultants, and other users at Greenfield Community College, including all personnel affiliated with third parties. This policy applies to all equipment that is owned or leased by Greenfield Community College.

4.0 Policy

4.1 General Use and Ownership

  1. Users should be aware that the data they create on the college systems remains the property of Greenfield Community College. Because of the need to protect the network, the Information Technology Department cannot guarantee the confidentiality of information stored on any network device belonging to Greenfield Community College.
  2. Employees are responsible for exercising good judgment regarding personal use. The Human Resources Department follows college guidelines concerning personal use of Internet/Intranet/Extranet systems that apply to all employees. If there is any uncertainty, employees should consult their supervisor or the Human Resources Department.
  3. The Information Technology Department recommends that any information considered sensitive or vulnerable be encrypted.
  4. For security and network maintenance purposes, authorized employees of Greenfield Community College may monitor equipment, systems and network traffic upon request by the President.
  5. Greenfield Community College reserves the right to audit networks and systems periodically to ensure compliance with this policy and security.

4.2 Security and Proprietary Information

  1. Information contained on Internet/Intranet/Extranet-related systems should be classified as confidential or not confidential as defined by Information Sensitivity Guidelines and FERPA.
  2. Authorized users are responsible for the security of their passwords and accounts. System level passwords should be changed quarterly; user level passwords every six months.
  3. All PCs, laptops, and workstations should be secured with a password-protected screensaver set to activate at 20 minutes or less, or by logging off when unattended.
  4. Special care should be exercised for portable computer security.
  5. Postings from a GCC email address to newsgroups should contain a disclaimer unless posting is part of official duties.
  6. All connected devices must run approved anti-malware software with a current virus database.
  7. Use caution when opening email attachments from unknown senders.

4.3 Limitations

  1. Full GCC computer resources are available only to currently enrolled students and employees. Guest access is available to the public in designated areas.
  2. Users are responsible for deleting files that are no longer needed.
  3. All use must comply with this policy and applicable laws.
  4. Accounts and passwords are not transferable.
  5. Profanity, harassing, obscene, or sexually explicit materials may not be transmitted through GCC systems.
  6. Attempts to disrupt or damage the GCC Computer Network are prohibited.
  7. Unauthorized attempts to acquire non-public information violate confidentiality laws.

4.4 Unacceptable Use

The following activities are generally prohibited unless required for legitimate job responsibilities.

Under no circumstances is an employee or student authorized to engage in illegal activity while using GCC-owned resources.

System and Network Activities

  1. Violations of copyright or intellectual property laws.
  2. Unauthorized copying or distribution of copyrighted material.
  3. Illegal export of software or encryption technology.
  4. Introduction of malware.
  5. Sharing account passwords.
  6. Engaging in harassment or hostile workplace violations.
  7. Fraudulent offers using GCC accounts.
  8. Security breaches or network disruptions.
  9. Port scanning without prior notification to IT.
  10. Unauthorized network monitoring.
  11. Circumventing user authentication.
  12. Interfering with another user's session.
  13. Providing employee or student lists without authorization.

Email and Communications Activities

  1. Refer to the Greenfield Community College e-communication policy.

This policy is not intended to interfere with rights under the First Amendment or the National Labor Relations Act.