51ÁÔÆæ

To define the responsibilities, guidelines, and terms of use for user-owned mobile devices configured for 51ÁÔÆæ (51ÁÔÆæ) data use and that can access 51ÁÔÆæ’s electronic resources.

This policy applies to all users who utilize either 51ÁÔÆæ-owned or personally-owned mobile devices to access, store, back up, relocate, or access any 51ÁÔÆæ resources or information.

College Computing Resources: Computer hardware, software, data and network resources used and/or provided by 51ÁÔÆæ, including applications, intranet web access and 51ÁÔÆæ email/calendar/contacts.

Device Management: Management, security, and monitoring of all mobile devices that have access to college computing resources.

Mobile Device: Employee provided smartphone, tablet, or laptop to be used to perform 51ÁÔÆæ-related work or educational activities.

User: Anyone who uses 51ÁÔÆæ’s information technology resources, even if they have no responsibility for managing the resources. This includes students, faculty, staff, contractors, consultants, and temporary employees.

Policy

51ÁÔÆæ’s IT resources are provided to support 51ÁÔÆæ and its academic and service missions, its business and administrative function, and its student and campus life activities. 51ÁÔÆæ takes every precaution to protect the integrity and confidentiality of data that resides within 51ÁÔÆæ’s technology infrastructure. This policy is intended to prevent this data from being deliberately or inadvertently stored insecurely on a mobile device or transferred over an insecure network where it can potentially be compromised. A breach of this type could result in loss of information, damage to critical applications, financial loss, and damage to 51ÁÔÆæ’s public image. Users who bring personal devices to campus and use 51ÁÔÆæ’s IT resources must comply with state and federal laws and regulations, the guidelines in this policy, executive orders and policies of the Idaho Technology Authority (ITA) and the Idaho State Board of Education, and any other applicable 51ÁÔÆæ policies. Access to 51ÁÔÆæ resources and information is a privilege, not a right. Consequently, users are not automatically guaranteed the initial or ongoing ability to use these devices to gain access to 51ÁÔÆæ networks and information.

Guidelines 

Information Technology Responsibilities

• Information Technology (IT) is responsible for configuring and supporting the User’s Mobile Device to access College Computing Resources, such as 51ÁÔÆæ wireless for staff and guests.
• IT will provide configuration documentation for, and assistance with, Virtual Private Network (VPN) connectivity for remote access to 51ÁÔÆæ’s network by employees who are authorized to have such access.
• IT is not responsible for backing up or restoration of critical data stored on personally-owned computing equipment.

User Responsibilities

• The user is responsible for using college computing resources on his/her personal mobile device within the same constraints as on a 51ÁÔÆæ-owned device by adhering to all device and network acceptable use guidelines referenced herein and in any other applicable 51ÁÔÆæ policy.
• The user will not download or transfer sensitive business data to his/her mobile device.
• The user will password-protect his/her mobile device.
• The user must maintain the original mobile device operating system and keep the device current with security patches and updates, as released by the manufacturer.
• The user is responsible for any virus, adware, and spyware removal.
• The user is responsible for any software installed on his/her mobile device including the operating system and any home related network software or drivers.
• The user agrees to delete any sensitive business files that may be inadvertently downloaded and stored on his/her device through the process of viewing email attachments.
• The user will not backup, download, or transfer sensitive business data or documents to any third party service such as Dropbox or personal OneDrive.
• The user is responsible for all mobile device support requirements, including the cost of repairs, diagnostics, or replacement.

Appropriate Use 

• For personal computers and equipment, 51ÁÔÆæ IT offers limited technical support for issues related directly to classes only. This support includes help with:
  • Wireless internet access
  • my51ÁÔÆæ
  • Canvas
  • Classroom and conference room presentation

Cloud Based Storage

• Users are encouraged to use network or cloud based storage for any files that are accessed with mobile devices. This includes:
  • SharePoint sites
  • Network drives
  • 51ÁÔÆæ provided OneDrive

Jailbroken Or Rooted Devices

Jailbroken Apple iOS devices, rooted Android devices, and other similar devices pose a risk to 51ÁÔÆæ data contained within the secure communications app. Therefore, 51ÁÔÆæ will disable or remove 51ÁÔÆæ data access on mobile devices determined to be jailbroken or rooted.

Access Control

• IT reserves the right to refuse, by physical and non-physical means, the ability to connect mobile devices to 51ÁÔÆæ and 51ÁÔÆæ-connected infrastructure. IT will engage in such action if it feels such equipment is being used in a way that puts 51ÁÔÆæ’s systems, data, and users at risk.
• All mobile devices attempting to connect to 51ÁÔÆæ’s network through an unmanaged network (e.g., the internet) will be inspected using technology centrally managed by 51ÁÔÆæ’s IT department. Mobile devices that are not in compliance with IT security policies, or represent any threat to 51ÁÔÆæ’s network or data, will not be allowed to connect.
• Remote laptop computers or personal PCs for employees may only access 51ÁÔÆæ’s network using a VPN connection.
• Upon successful connection to the VPN, the employee’s remote device will be inspected for minimum virus protection, operating system versions and security. The connection will be refused if the minimum levels are not present.

Security

• Employees using mobile devices and related software for network and data access must, without exception, use secure data management procedures. All mobile devices must be protected by a strong password. Employees agree to never disclose their passwords to anyone.
• IT reserves the right, through policy enforcement and any other means it deems necessary, to limit the ability of users to transfer data to and from specific resources on the 51ÁÔÆæ network.
• IT can and will establish audit trails which may be accessed and used without notice. Such trails will be able to track the attachment of an external device to a PC, and the resulting reports may be used for investigation of possible breaches and/or misuse. The user agrees to and accepts that his/her access and/or connection to 51ÁÔÆæ’s networks may be monitored to record dates, times, duration of access, etc., in order to identify unusual usage patterns or other suspicious activity. This is done in order to identify accounts or computers that may have been compromised by external parties. In all cases, data protection remains 51ÁÔÆæ’s highest priority.

Copyright

• 51ÁÔÆæ actively monitors all media being downloaded or uploaded using 51ÁÔÆæ’s college computing resources. At no time should a user attempt to access, copy, upload, or download any copyrighted material.
• Upon detection of copyrighted material on the 51ÁÔÆæ’s network, the user will be notified of the violation with a warning.
• Subsequent violations may result in the termination of access to 51ÁÔÆæ’s college computing resources.

Privacy

• Users shall have no expectation of privacy related to mobile devices when connected to or using 51ÁÔÆæ’s college computing resources. 51ÁÔÆæ monitors, tracks and audits connectivity usage of all 51ÁÔÆæ college computing resources.

Policy Non-Compliance

• Failure to comply with this policy may, at the full discretion of 51ÁÔÆæ, result in the suspension of any or all technology use and connectivity privileges and corrective action up to and including termination, and for students, suspension and/or expulsion.