Employee Computer Security

Employee Computer Security

POLICY OF BOARD OF TRUSTEES OF PEARL RIVER COMMUNITY COLLEGE 

Adopted: Tuesday, July 8, 1997 
Revision Number: 2 
Revision Date: Tuesday, June 13, 2023 
Reference: Administrative

Policy:

Pearl River Community College will provide personnel with access to computers, computer systems, and computer networks.  Each user must agree to the guidelines and rules prior to receiving this access. 

Procedure:

  1. Personnel will be required to acknowledge adherence to the Computer Security Policy upon login, recognizing that they have read, understood, and agreed to abide by the procedures that have been established by Pearl River Community College.
  2. Personnel utilizing the computer system and network must accept the responsibilities and obligations for ethical use that is mandated by Pearl River Community College, state government policies, and laws.
  3. Use of Pearl River Community College’s computer system and network will be subject to monitoring for security and management purposes.  Users must be aware of this monitoring and management and agree to this practice.
  4. Individual users are responsible for the security of their workstations and the data they store.
  5. Users must accept responsibility for their logins, passwords, and user IDs—these must be kept confidential. Each employee is responsible for all transactions occurring during the use of his or her login and password. Users should not share credentials with anyone, even employees or student workers.
    Guidelines for Password Selection:  
    • DON’T use your login name in any form. 
    • DON’T use your first, middle, or last name in any form (backwards, scrambled, etc.). 
    • DON’T use your spouse’s or child’s name.
    • DON’T use other information that can be easily obtained about you (license #, social security #,  telephone make of your automobile, the name of the street you live on, your pet’s name, etc.)
    • DON’T use a password that contains all digits or all letters–mix numbers and letters. 
    • DON’T use a word contained in English or foreign language dictionaries, spelling lists, or other lists of words.
    • DON’T use a password shorter than six characters. 
    • DO use a password with mixed-case alphabetics, digits and/or punctuation. 
    • DO use a password that is easy to remember so you won’t have to write it down. 
    • DO use a password that you can type quickly without having to look at the keyboard. 
    • TIP:  Choose a line or two from a song or poem and use the first letter of each word. 
    • TIP:  Alternate between one consonant and one or two vowels, up to twelve characters.  This provides nonsense words which are usually pronounceable, and thus easily remembered.
    • Change your password periodically.  This makes sure that an intruder who has guessed a password will eventually lose access, as well as invalidating any list of passwords they may have obtained.
  6. If any user suspects that his or her login and password have been used by another person, immediately notify the Pearl River Community College Department of Information Technology. Information Technology employees will investigate the problem and decide what course to follow.
  7. The computer network system can be used for official college business only, not for personal gain or commercial purposes. 
  8. Users will not attempt to modify the computer systems in any unauthorized manner. 
  9. Copying of copyrighted software or other materials may be a violation of the copyright laws and is not permitted. Users who violate copyright laws are acting outside the scope of their employment and will be held personally responsible and liable for these violations.  Pearl River Community College accepts no responsibility for such activities. 
  10. Files that are owned by someone else should not be accessed without the owner’s permission; viewing or using files that do not belong to you is an invasion of that owner’s privacy.  Breaking into accounts or bypassing security is not permitted.
  11. If it is determined that a user is in violation of the guidelines, he/she may be subject to restrictions, banned from use of the network, and/or disciplinary action.
  12. Access to all of Pearl River Community College’s administrative computer systems are for official use only. This includes but is not limited to BANNER, SIRSI, Canvas, Wildcat Web Online Portal, and PRCC e-mail.
  13. Use of College-issued two factor authentication is required by employees to maintain optimum security for College computer systems and networks.
  14. Employees will have access to student information and other administrative systems. The confidentiality of these records is governed by the federal Family Education Rights and Privacy Act of 1974 (aka, Buckley Amendment, FERPA).  All information is confidential, and students have a right to expect that academic records are being properly supervised.  Requests for disclosure of information should be directed to the appropriate college official.
  15. Security infractions with an e-mail account should be reported to the Department of Information Technology immediately.
  16. Employee e-mail accounts will be removed when their employment is terminated with the College. 
  17. It is the responsibility of all e-mail account holders to abide by the Pearl River Community College Computer Security Policy.
  18. E-mail is public domain. Employee email should not be utilized for private conversation.
  19. No modems will be allowed in individual computers.  Regular site checks will be conducted in order to assure compliance with this policy.  Any user found in violation of this policy will be disconnected from the campus network.
  20. Adherence to these rules and regulations is critical for computer utilization services and information security.
Updated on August 28, 2024

Each community college president is asked to bring two (2) wrapped door prizes, minimum value of $50 each. We will have a station set up at the conference for you to drop off the door prizes.

Each community college is asked to provide name tags for their Board members, administration, and staff attending the conference.