(1) Western Sydney University provides computing, networking, information and communication resources to the University community to support teaching and research, student learning, and efficient administrative processes. Access to Information Technology resources is granted to members of the University community who are enrolled students, employees, members of participating eduroam organisations, or formal affiliates or associates of the University. The University is responsible for protecting its significant investment in IT resources, and must also meet its legal obligations. It will not jeopardise these through the improper actions of any group or individual. Nothing in this policy requires the University to provide remote access or computer laboratory facilities to the University Community.
(2) The following definitions apply for the purpose of this policy:
(3) All users of University IT resources are responsible for ensuring that they use them in efficient, ethical, and lawful ways.
(4) Only authorised users are permitted access to University IT resources (see Section 2 for definition).
(5) The University plans to participate in eduroam;
(6) Authorised users of University IT resources may use them only to discharge the responsibilities of their positions as employees, to further their studies/instruction as students, to conduct their official business with the University, or in other activities sanctioned by the University. All usage must be efficient, ethical and lawful. Questions concerning usage should be referred to CIDO.
(7) Passwords and login details are provided for the sole use of the authorised user. They should be treated as private and confidential, and must not be divulged or distributed.
(8) Only the authorised owner or the Chief Information and Digital Officer or authorised support staff may read, change (including remove) or copy any data, programs, files or directories on any University computer or other computers accessed using the University network.
(9) A user must not attempt to interfere with IT resources or attempt to subvert the security of any University IT resource. This includes:
(10) University IT resources must not be used to copy software, upload or download material that is licensed or protected under copyright or trademark laws unless such activities fall within current licensing conditions and/or copyright legislation.
(11) University IT resources must not be used for preparing, storing, receiving, displaying, transmitting or communicating information, material or messages:
(12) University IT resources must not be used for commercial or private gain or the gain of a third party, except where there is an established relationship to the University (e.g. a commercial entity of the University).
(13) All University IT resources must be treated with care, irrespective of location. No person shall deliberately damage, help to damage or tamper with facilities, resources or services. No University owned or leased IT resource is to be moved off-site without appropriate permission.
(14) University IT resources are not to be used to gain unauthorised access to other computers/networks/systems/files/data, regardless of the intention.
(16) Any attempt (successful or otherwise) to invade the privacy of others using IT resources will be regarded as a breach of this policy.
(17) The University works to ensure that it manages and uses its IT resources efficiently and effectively. To protect the interests of the University and to ensure compliance with this Policy, the Chief Information and Digital Officer (or nominee) retains the right to examine any data or files and to monitor computer usage, and to intervene when necessary.
(18) Breaches of this Policy will be reported immediately to the Chief Information and Digital Officer. Complaints in relation to breaches may also be forwarded to the Chief Information and Digital Officer and the Director, Equity and Diversity, for action. In these circumstances confidentiality will be maintained.
(19) If the Chief Information and Digital Officer believes that unethical or illegal activities, or activities inconsistent with the University's purpose or mission, have occurred, these processes will be followed:
(20) All University IT resource usage is logged and may be audited. Use of eduroam resources may be logged and audited by participating organisations. The University logs and audits the activities of visiting eduroam users. Usage and activity records belong to the University, not to the individual user. In most cases, these are admissible as evidence and are subject to relevant State and Federal Laws.
(21) The University is responsible for ensuring the services and resources it provides to its community are used in efficient, lawful, proper and ethical ways.
(22) The Chief Information and Digital Officer (or nominee/s) has the responsibility to:
(23) Executives/Directors/Managers/Team Leaders/Deans have the responsibility to do the following:
(24) Staff, students, and affiliates/associates are responsible for ensuring their usage complies with this Policy, for paying any relevant charges incurred, and for informing Information Technology and Digital Services when they cease their association with the University.
(25) These are provided to help those responsible for certifying and sponsoring/recommending applications for access to IT resources (internally or remotely). With respect to Internet access, the "AARNet Policy on Allowed Access to AARNet" provides guidelines on allowable access and conditions of access.
(26) These should also be considered in respect to applications for Internet services by individuals or groups affiliated/associated with the University.
(27) For the purposes of this Policy, a staff member is a person employed as a Higher Education Worker or Academic. Employment may be full-time, part-time or casual. Some types of access are provided routinely to staff to enable them to fulfil their duties. Access to other IT resources may be considered on the following grounds:
(28) For the purposes of this Policy, a student is a person enrolled in a course of study or subject units offered by the University. Enrolled students are provided with access to the computing laboratories and network services.
(29) Access to IT resources requires an application supported by the Director /Dean /Manager of the area or association, and agreement of the Chief Information and Digital Officer or nominee. Access to systems and services will expire at the end of the specified period or contract/term of appointment. Affiliates must agree to abide by this and other related policies, including paying for any loss or damage the University may sustain, should they improperly use University IT resources. This category may comprise, but is not limited to the following:
(30) Within this category, where access levels/types permitted are unclear, clarification should be obtained from the Chief Information and Digital Officer.
(31) In managing its operations, including those in IT, the University is required to take all reasonable steps to ensure compliance with relevant legislation. The legislation listed on the Associated Information page has helped form this Policy. Users of IT resources at the University do so subject to all applicable laws and University policies.