Student regulations when using university IT systems

Contents

Policy statement

This control procedure defines the university’s approach to acceptable use of its IT systems, and directly supports the following policy statement from the Information Security Policy:

“The university’s security policies and expectations for acceptable use will be communicated to all users to ensure that they understand their responsibilities. Information security education and training will be made available to all staff, and poor and inappropriate behaviour will be addressed.”

Audience

This procedure is intended to be read and understood by all students accessing university information, IT systems, networks or software using any university or personally owned device.

Control statements

Provision of Computing Resources

The computing resources at the university are provided for use by staff and students in support of teaching, learning, research, consultancy and administrative activities. Their use for any other purpose which interferes with these primary aims, or which otherwise acts against the interests of the university, is prohibited.

The university reserves its right to withdraw access to computing facilities for non-approved purposes at any time. Use of university computing facilities for students’ commercial gain is prohibited.

Law

You are bound by the law of England and Wales when using computing facilities. Many specific items of legislation apply, but the ones of prime importance are:

It is your responsibility to ensure that your activities do not contravene these or any other laws. Your supervisor may be able to assist if you are in doubt.

If you are accessing computers abroad, remember that you may also be bound by the laws of that country.

You must be aware that the university is bound by relevant laws, including (but not limited to) Data Protection and Freedom of Information. Any information you create or store on University systems may be released under an information access request.

Prohibited Use of Computing Facilities

You must not use the computing facilities to access, create, store or transmit offensive, indecent, obscene, discriminatory or extremist material. This includes pornography, hate speech, violence and promotion of terrorism.

You must not use the computing facilities in a way that has the potential to create an environment that is offensive or threatening, or that may constitute harassment.

You must not send threatening, abusive, obscene or otherwise offensive communications.

In using the computing facilities you must not cause annoyance or needless anxiety to anyone else, nor prevent them making proper use of the facilities, for example by:

  • occupying a workstation for longer than necessary when someone else is waiting
  • behaving in an inconsiderate or distracting manner in computer labs or IT Zones

Logging & Access

The university may log all forms of IT use. Monitoring systems is necessary for administrators to identify and investigate technical or security related problems, and provides an audit log in the event of misconduct or criminal investigations.

The university reserves the right to inspect any items of computer equipment connected to the network. Any IT equipment connected to the university’s network will be removed if it is deemed to be breaching university policy or otherwise interfering with the operation of the network.

The university may need to access or suspend any user’s account for business purposes. Action will only be taken where it has been authorised by a suitable administrative representative.

For more information about access control, see the Access Control Procedure.

Passwords

You will be issued with a username and password to allow access to University computing facilities. This should be long, memorable and changed at the first opportunity.

You must not reveal the password to anyone else under any circumstances. You must not allow anyone else to use a computer logged in under your name without your immediate supervision. If you believe your password has been compromised, you should take steps to change it immediately and inform the university’s IT Helpline (use the Assist self-service portalto submit requests or call 0161 247 4646).

Other Service Providers

Where your access services are provided by other organisations, you must abide by their regulations. Any breach of such regulations will be regarded as a breach of these university regulations.
In particular, you must abide by the acceptable use policy for JANET, the Joint Academic Network, with which you should familiarise yourself. This policy is available at: https://community.jisc.ac.uk/printpdf/120.

Protection of Hardware and Software

You must not jeopardise the computing hardware in any way, for example by:

  • consuming food or drink or smoking in the vicinity of computer equipment
  • attempting to dismantle computer equipment
  • installing unauthorised software or deleting or modifying system files

The university reserves the right to charge students for the cost of rectification of damage which they cause and/or take further disciplinary action.

Software Licences

Students shall not copy software from, nor introduce software to university computing facilities without the express permission of a member of staff responsible for those facilities.

Students must not copy datasets to or from university computing facilities unless they have established that they are acting within any copyright conditions applying to the material.

Authority of IT Services Staff

Students must comply with any reasonable request or instruction issued by any IT Services staff with respect to the use of university computing facilities. Improper behaviour towards IT Services staff may result in formal disciplinary action.

Level of Service

Whilst the university endeavours to provide a high level of service, failure of any element of the computing service will not be accepted as valid excuse of failure to reach an acceptable standard in assignments or examinations unless no other reasonable method of conducting the work was available.

Compliance

Failure to comply with this procedure could result in action in line with the university’s disciplinary procedure or performance improvement procedure. 

Any prohibited use which is deemed to be in contravention of the law and/or which involves the intentional access, creation, storage or transmission of material which may be considered indecent or obscene will be regarded as an act of gross misconduct on the part of staff. This would also qualify as an act for which students may be expelled under the student disciplinary procedure.

Compliance checks will be undertaken by the university’s information governance functions. The results of compliance checks, their risk assessment and their remediation will be managed by the Information Security Board.

Related documents

This control procedure needs to be understood in the context of the other policies and procedures constituting the university’s Information Security Management System, as well as the university’s Dignity at Work policy (under review) and soon to be published Social Media policy. These two latter policies relate to this control procedure in terms of the professional conduct and behaviours of staff when representing or undertaking any university activities, including the use of communications platforms.

Browse Information Security policies and control procedures

Review

A review of this policy will be undertaken by the Information Security team annually or more frequently as required, and will be approved by the Information Governance Board.

Version: 4.3
Release date: 05/09/2023
Review date: 05/08/2024