Unit 5: Task

Task: Share with us your top 5-10 code of ethics statements for using technology in the classroom or your professional workplace:

These are ICT Acceptable Use Procedures from James Cook University  ICT Acceptable Use Procedures – Policy – JCU Australia

Top 5 statements are:

Personal computer security

2.1 University staff and students, who use a personal computer (including smartphones) must:

a. Take responsibility for the security of personally owned computers and equipment used in conjunction with the University’s ICT Services;

b. Familiarise themselves with ICT good practice guidelines (available on the Information and Communications Technology website) and take reasonable steps to ensure that personal computer(s) do not pose a threat to University ICT Services when connected to the University network. This may include:

  • Regularly scanning their device for viruses; and
  • Maintaining up-to-date software versions; and

c. Protect against loss or theft of University data by:

  • Regularly backing up data;
  • Using encryption tools to protect sensitive data;
  • Logging off or locking devices when left unattended;
  • Implementing a secure access mechanism, such as a password; and
  • Avoiding leaving devices unattended in public places even if physically secured.

Software licensing

3.1 The University has entered into various software licensing agreements with software vendors. Under the terms of those agreements, University staff and students may be able to install any of the products covered under the agreement onto University owned machine or personal device(s).

3.2 Refer to the Software Supplier Agreements & Offers on the University Intranet for information on how to access software and the terms of use which must be complied with by staff and students.

Data management

7.1 All academic research supervisors and College Deans are responsible for ensuring that they:

  • Define research data management requirements and communicate these requirements to the relevant stakeholders; as required by the Code for the Responsible Conduct of Research.

7.2 All University staff and students must:

7.2.1 Adhere to the data management requirements as specified by their College or Division;

7.2.2 Ensure all electronically held University owned information is stored in such a way that it is backed up regularly. This can be achieved by:

  • storing data on University approved systems;
  • storing data on a University network drive or system; or
  • storing data on a University endorsed cloud based storage; and

7.2.3 Ensure all University owned information is disposed of in accordance with the University’s Records Management Policy and sustainability procedures as provided by TropEco.

Security management

8.1 All Asset Owners must:

  • Take responsibility for the physical security and access control of all the data stored on, transmitted through or processed by University ICT Services within their responsibility;
  • Implement suitable security controls to prevent un-authorised access or modification to data; and
  • Monitor the effectiveness of security controls to ensure their on-going effectiveness.

8.2 Information and Communications Technology must:

  • Lead and advise on good practice security management across the University. This includes providing advice and support to Asset Owners on good practice with regard to information and data security;
  • Manage common University ICT Services in such a way that the services and data are reasonably protected from:
    • Unauthorised access and unacceptable use;
    • Common and easily exploitable vulnerabilities;
    • Wilful, malicious damage or any activity undertaken to intentionally bypass security controls on University ICT Services; and
    • Virus infection and malicious software;
  • Take reasonable steps to ensure that data on University ICT Services is:
    • Accurate and complete;
    • Available to be accessed by Authorised Users, and only those users, when required; and
    • Recovered in an agreed timeframe in the event of serious systems failure or disaster;
  • Ensure required University owned or leased computers, desktops or laptops are configured to have a password enabled screensaver that activates within a period of no greater than 30 minutes of inactivity;
  • Promote a positive and safe computing environment for all Authorised Users;
  • Implement appropriate quotas on the use of University ICT Services (this may include print, file storage, email and internet usage) in order to ensure the ongoing integrity and availability of University ICT Services;
  • Ensure sensitive information is disposed of in a manner that renders any information illegible and irretrievable at the time of disposal by:
    • Physically destroying the media;
    • Bulk wiping (degaussing); or
    • Implementing an industry approved 3-times secure wipe of the media; and
  • Carry out security reviews of University ICT services to verify the on-going effectiveness of controls. This should include access reviews of administrative accounts.

Inadvertent unacceptable use

13.1 Authorised Users, who inadvertently receive, transmit or access material (for example, via email or the Internet) that may be considered Inappropriate Material and is not related to their work duties, must take immediate action to either delete such material or cease such access.

13.2 Advice must be sought from the Authorised User’s supervisor or the ICT Help Desk if Inappropriate Material continues to be received.

+ There are no comments

Add yours

This site uses Akismet to reduce spam. Learn how your comment data is processed.