Select Page

Guidelines on Use of The School of Design Sciences Computing and Network Resources

Preamble

Computing and network resources are important elements of the School of Design Sciences (“DESC” or “school”) infrastructure. These Guidelines govern the appropriate and ethical use of these resources, inform users of expectations and responsibilities assumed in the use of DESC computing and network resources, and clarify the context.

Guiding principles

DESC encourages the use of computing and network resources to enhance the working and learning environment of its members.

These resources are provided primarily to support and further the mission of DESC.

DESC values and strives to provide its members with an environment of free inquiry and expression. Freedom of expression and research-academic freedom in electronic format have the same latitude as in printed or oral communication.

Members of the DESC community are responsible and accountable for their actions and statements, which includes exercising reasonable restraint in the consumption of shared resources. Users of computing and network resources are expected to be aware of and comply with applicable state, provincial and federal laws and pertinent DESC policies [e.g., Ethical Behaviour #20Extra-School Activity (Faculty Members) #27Use of Proprietary Software #32Conflict of Interest #39Participant Discipline #36Intellectual Property Rights #15].

DESC strives to protect the privacy of users and to provide reasonable security for DESC computing and network resources. A system user’s account is normally accessed only with the user’s informed consent. However, circumstances may arise that justify access absent the user’s consent; examples include where security is at issue, Freedom of Information (FoI) requests, or apparent breach of applicable laws or DESC policies and procedures.

With regards to cloud services, the School does not ensure the capability to restore an individual’s deleted personal or working files/data beyond the user-accessible facilities (e.g., versions and recycle bin) provided by the vendor.

Rights/Responsibilities

Contained within and following from the Guiding Principles are rights and responsibilities of both the user and the School. Some of these are presented below:

DESC rights and responsibilities:

  • To allocate the use of and access to DESC computing and network resources.
  • To define access privileges of DESC users and, for just cause, to revoke such privileges.
  • To inform DESC users of their rights and responsibilities in the use of DESC computing and network resources, and to communicate clearly the terms and conditions under which access to and use of such resources are provided.
  • To ensure reasonable safeguards to protect the privacy of DESC users.
  • To ensure reasonable security for DESC computing and network resources and to act upon complaints.
  • User rights and responsibilities:
  • To a presumption of reasonable privacy in the use of the computing resources assigned to them2.
  • To use DESC computing and network resources in a manner which does not unduly interfere with the study, work or working environment of other users.
  • To be accountable for the use of computing and network resources assigned to the user.
  • To seek permission from the appropriate School authority to use DESC computing or network resources for purposes different from those for which they were allocated or acquired

Users of cloud services are expected to exercise the utmost care when sharing files (e.g., verify spelling of names and email addresses).

Privacy/adjudication/disciplinary action

When circumstances arise that would appear to justify accessing a user’s account absent consent (e.g., suspicion of criminal or inappropriate use), the appropriate course of action will be determined by the supervisor(s) of the user in question, in consultation with the appropriate member(s) of The School Governance on Information Systems & Technology.

When criminal behavior is suspected, the Special Security Service will provide advice on how to proceed. If the person requesting access is the user’s supervisor (directly or indirectly), then his/her supervisor will make the determination.

When agreement on a course of action cannot be reached, the issue will be escalated to the next supervisory level, with the final link in the escalation path being the Executive Director, Provost, or his/her delegate. The Executive Director, Provost’s decision is final. When there is doubt as to what action is appropriate, advice should be obtained from the Associate Director, Provost, Information Systems & Technology (IST) and/or the Secretary of the School, who may in turn seek legal advice. When a user’s account is accessed, there must be two persons present (one to serve as witness; individual to be dictated by circumstance; likely manager’s manager). 

Misuse of the School’s computing and network resources may result in disciplinary action within the School. Any such action undertaken will be governed by relevant DESC policies [e.g., Staff Employment #14Ethical Behaviour #20Participant Discipline #36] and the Memorandum of Agreement. Disciplinary measures resulting from alleged infringements of DESC policies may be appealed under the grievance processes for staff (Policy 21)participants (Policy 35), and faculty (the Memorandum of Agreement).

Review Examples

Review examples that illustrate the application of this document.

Users should be aware that normal system maintenance procedures, such as regular backups or routine troubleshooting, may involve access without users’ consent. In such cases, files are not viewed and personal data are not collected.

Users should be aware that certain information (login records, network traffic, services used and by whom, etc.) is gathered routinely, and may be used during investigations of possible inappropriate computer or network use.

Submit a Support Request or Open a Ticket

Please let us know your requirements, provide your feedback on this guideline, or other issues related to hardware and software and other data security requirements