��������������������������������������������������������������������������������������������������� January 17-18, 2002

 

ITEM 114-104-R0102����� Board of Regents Policies and Procedures Manual: Information Technology; Logging On and Off Computer Resources Number (3)������������ (New)

 

 

No. 3

 

POLICY - REQUIREMENTS

 

SCOPE

 

This policy applies to all MUS owned or managed computer systems.

 

REQUIREMENTS

 

MUS entities must provide for the security of their data and information resources.� Access to these resources must be controlled by having users properly log onto and off of computer systems and by prohibiting users from using another user�s User ID.

 

All MUS operated computer systems must display an informational banner at user-connection time explaining the following to potential users:

 

1.       what are considered proper uses of the particular computer system, and

2.       what are considered generally acceptable uses of MUS information technology resources; this information may be in the form of references to MUS policies on security and monitoring, acceptable use, or other pertinent topics.

 

SAMPLE WARNING BANNER

 

This computer is the property of Montana Tech and is subject to the MUS security, monitoring, and appropriate-use policies located at: http://�.� Unauthorized use is a violation of 45-6-311, MCA and Montana University System policies.� By continuing to use this system, you indicate your awareness of and consent to these terms and conditions of use.� Log off immediately [or "Do not log in," depending on where in the login sequence the banner is displayed] if you do not agree to the conditions stated in this warning.

 

GUIDELINES � RECOMMENDATIONS, NOT REQUIREMENTS

 

When users leave work at the end of each workday they should disconnect from network-accessible resources if possible.� They should power off their workstation(s), or use password-protected screen savers or �sleep modes� to prevent unauthorized access.

 

All network-accessible resources should be released (i.e., through user log-off) when not in use.

 

Users who plan to leave their computers unattended for 15 minutes or longer should either log off network-accessible resources or use password-protected screen savers or sleep modes to prevent unauthorized access.