NORTHAMPTON UNIVERSITY

Northampton University security policy



Northampton University security policy

Security policy including

Northampton University acknowledges an obligation to ensure appropriate security for all Information Technology data, equipment, and processes within the University.

This security policy tends to ensure that the security and services of computing resources required by the Institution are purposefully implemented and followed by its esteemed computing population. It identifies exactly what services need to be provided to the world, and what services need to be provided to the University. This security policy is formulated to reflect how Northampton University wishes to use the Intranet and Internet, while minimizing the risk of attack.

The computing resources are intended for University related purposes, including direct and indirect support of the University's Academic, Research and Service missions; University Administrative functions; Student and campus life activities; and the free exchange of ideas within the University community and among the University community and the wider local, national, and world communities.

Scope (objective and importance)

The goals of this network security policy are:

a)To establish policies to protect the University's networks and computer systems from abuse and inappropriate use

b)To establish mechanisms that will aid in the identification and prevention of abuse of University networks and computer systems

c)To provide an effective mechanism for responding to external complaints and queries about real or perceived abuses of University networks and computer systems

d)To establish mechanisms that will protect the reputation of the University and will allow the University to satisfy its legal and ethical responsibilities with regard to its networks' and computer systems' connectivity to the worldwide Internet.

e)To establish mechanisms that will support the goals of other existing policies, e.g.

Staff / Faculty / Students Emailing Policy

Student Handbook

Roles and responsibilities

Authorization/Grant access and approve usage permission

Manager Information Technology Support Services (ITSC) and Network Administrators are the authorized personnel to grant access to Northampton University computing services. Special access like Internet and dial in shall be granted on the approval and permission of the Dean(s) and/or Head of the Department.

Extra privileges (read, write, scan, delete etc.) on the files, system volumes, directories or systems shall be granted to the users only by the permission of the HoD's in case of staff or Teaching Assistant/Research Associate and Project Director/Dean (s) in case of students.

Exceptional cases like Senior Year Projects or Research Projects shall be provided with root access or rights for the local machines for a limited period only by TSG.

The permission of Dean(s) or Manager ITSC will be required in case the user data/content of file(s) are to be monitored for system integrity/requirements.

Enforcement

Any member of the University who fail to adhere to this policy may be subject to penalties and disciplinary action, both within and outside the university. Violations will be handled through the university disciplinary procedures applicable to the relevant Department or School where applicable.

The University may temporarily suspend, block or restrict access to IT resources, IT staff, and/or segments independent of such procedures, when it reasonably appears necessary to do so in order to protect the integrity, security, or functionality of University or other ...