Information Technology Policies

mg游戏平台技术资源的使用是为了实现学院的研究使命的唯一目的, teaching and learning, and civic engagement as outlined in the MCCS Acceptable Use Policy. Eligible individuals are provided access in order to support their studies, instruction, duties as employees and other official business with the college. Individuals may not share with, or transfer to others, their account information including network IDs, passwords, or other access codes that allow them to gain access to information technology resources.

Technology resources may not be used in a manner that violates the law, for private commercial activities that are not approved by the school, for personal private gain, 干扰员工履行工作职责或从事与学校免税地位不一致的活动. Additionally, the acceptable use policy must be adhered to at all times to ensure the network is being used appropriately.

Technology Support

College Owned Computers

The technology staff is responsible for supporting the college-owned computers, telecommunication equipment, controls, networks and network infrastructure. To report a problem, users will be responsible for submitting a work order via the information portal. 一旦工单提交，技术支持人员将作出回应并采取适当的措施.

Non-College Owned Computers

The Information Technology Office may not provide support for personally owned computers and technology.

如果连接到mg游戏平台的技术，如无线网络和投影仪，技术支持人员可以提供咨询和有限的诊断. However, for issues other than those deemed minor by the IT staff, the owner will be directed to the original equipment provider or to local technical support vendors.

Wireless Access

Students, faculty and staff are provided wireless network access for the purpose of accessing network storage, the Internet and other technology resources provided by the College. The campus community will have access to the wireless network using their network ID and password.

市民及学院嘉宾亦有机会使用无线网络. Temporary network accounts will be provided and distributed at the library circulation desk. 非NMCC注册或受雇的用户将需要驾驶执照或其他两种形式的唯一身份证件来获得临时网络ID. These accounts are disabled after seven days and removed from the system one month after issuance.

Minimum system requirements to access the NMCC wireless network:

* Windows XP Service Pack 2
* Mac OSX
* Wireless 54 G adapter
* The following must be installed, enabled and up to date:
o Professional Antivirus (Norton, McAfee, Trend-Micro)
o Personal Firewall (Windows XP, McAfee, Zone Alarm)

Waiver of Liability

The information technology staff ensures that all controllable situations are handled professionally, however, 作为mg游戏平台网络的用户，有超出学院控制的因素. These factors may include, but are not limited to: theft of unattended equipment, unsecured data transmission, natural disasters, electrical outages or other unforeseen circumstances that may hinder or affect the network, user’s equipment, and other College technology. As a network user, you agree to hold harmless the College, 其工作人员和/或代理因使用本网络而对您的设备造成任何损害或不利影响, accepting consultation or problem diagnosis by the College’s technology support staff or agents.

Violation of Usage and Support Policies

The use of NMCC network is a privilege, not a right. All students, faculty, 员工和一般公众用户应遵守使用和支持政策以及可接受使用政策. Inappropriate use may result in a cancellation of those privileges and/or disciplinary action may be taken.

Primary Goal of Information Resources:

To support and enhance the educational activities of NMCC by providing access to additional resources, both within and external to NMCC and extending the opportunity for collaborative work.

The college encourages the use of college resources for these primary activities. These resources include, but are not limited to, hardware (including telephones, computers, and traditional media equipment) either owned or leased by the college, software, and consulting time (and expertise) of the computer staff.

利用学院提供的技术资源进行与加强和促进教学不直接相关的活动, collaborative work, and applied research should be considered as secondary activities. Should such secondary activities in any way interfere with primary activities, they may be terminated or limited immediately.

Many of the technology resources of the college are shared among the entire college community. 每个使用这些资源的人都应该考虑到他人的需求，并确保没有任何事情妨碍其他人使用这些资源.

Such impediments may include, but are not limited to:

• activities that obstruct usage or deny access to others
• activities that compromise privacy
• activities that harass
• activities that are libelous
• attempting to “hack” into any computer either at the College or elsewhere
• activities that violate copyright laws
• activities that violate college rules
• destruction or alteration of data or information belonging to others
• activities that violate local, state, or federal laws
• unauthorized use of computer accounts
• impersonating other individuals
• creating, using or distributing, virus programs or programs that attempt to explore or exploit network security and/or other vulnerabilities
• attempts to capture or crack passwords or break encryption protocols
• allowing anyone else to use any of your account(s)
• extensive use of resources for private or personal use

Questions or Problems:

The Information Technology Office, instructors, advisors, 和主管可以帮助您澄清本政策或帮助您解决您在使用NMCC计算服务和设施时遇到的任何其他问题.

Violation of Policy:

任何用户如果不遵守其所连接的网络的可接受使用政策，其对NMCC网络的访问可能会被终止. The use of NMCC network is a privilege, not a right, 和不当使用可能会导致取消这些特权和/或根据mcc政策和程序和/或NMCC学生行为准则采取纪律处分.

The NMCC policies recognize and amplify the MCCS Computer Network Acceptable Use Policy.

MAINE COMMUNITY COLLEGE SYSTEM

GENERAL ADMINISTRATION

Section 203

SUBJECT: COMPUTER AND NETWORK USE

PURPOSE: To promote the responsible use of college and System computers and networks

 

As with any college system, the MCCS seeks to enhance opportunities for individual and collaborative learning and research. As a public institution with limited resources and distinct policy and legal obligations, the MCCS also needs to ensure that such uses are consistent with those resources and obligations. The goal of this policy is to balance these interests and promote responsible and secure use for all.

A. Application

This policy applies to:

1. Each college and other entity of the MCCS;

2. All computing resources owned or operated by the MCCS including, but not limited to, all hardware, software, peripherals, networks, network components, accounts, physical and logical data, e-mail and all other data or information transmitted by such equipment (“computers”);

3. All employees, students and other persons who use such computers (“users”); and

4. In addition to any other computer use policy adopted by entities within the MCCS, and by entities outside the MCCS that operate resources accessed through or from the MCCS.

B. General Rules

1. Educational Priority

The priority use of MCCS computers is to provide direct support for learning, teaching and administration of MCCS programs. Such priority will govern access to MCCS computers.

2. Use is a Privilege, Not a Right

Use of MCCS computers and accounts thereon is a privilege, not a right. This privilege is limited by the provisions of this policy, any other pertinent policy or law, and may be withdrawn for violation thereof.

3. Limited Right of Privacy

Users may not have an expectation of privacy in their use of MCCS computers or networks. For example, the MCCS reserves the following rights:

a. Periodic Network Monitoring

The MCCS reserves the right to monitor periodically, randomly and without notice use rates, patterns, speed and system capacity to ensure the efficiency or integrity of the MCCS network and its computers. Such monitoring may proceed only by a person expressly authorized by the MCCS or college president;

b. Inspection of a Particular Account or Computer

The MCCS reserves the right to inspect those accounts, computers or files that the MCCS has reason to believe are misused, corrupt or damaged. Such inspection may proceed only by a person expressly authorized by the MCCS or college president and as advised by the MCCS general counsel; and

c. Access by Outside Agencies

User accounts, computers or files may also be subject to access in response to subpoenas, court orders, or other legal or regulatory requirements. Users will be notified as promptly as possible, unless notification is precluded by such subpoena or order.

4. Limited Designated Forum

The MCCS computer network constitutes a limited designated forum. This forum is designated for the limited purpose of helping students pursue, faculty to provide, and non-teaching staff to support the colleges’ education, training and related programs.

5. Time, Manner and Place Limitations

MCCS保留在MCCS认为有必要调节系统容量和速度的时间和地点限制在MCCS计算机上或通过MCCS计算机进行某些使用的权利. These limitations apply, but are not limited to, the downloading of video, music, photographic and other large data files.

6. Website and Webpage Development and Management

Any website, web page or other portion of a website hosted by a server owned, operated or maintained by a college or the MCCS is the property and speech of the MCCS, and the MCCS reserves all rights to control the access to, content of, and all other aspects regarding such web pages or websites. 校长会议可采取程序，控制这些网页和网站的开发和管理, including standards controlling links to web pages and/or websites that are not owned, operated or maintained by a college or the MCCS.

C. Specific Prohibitions

Conduct that violates this policy includes, but is not limited to, the following:

1. Displaying, downloading, printing or distributing obscene, 以构成性骚扰或其他违法行为的方式提供色情或性侵犯的图像或文字;
2. Violating copyright laws, including the unlawful reproduction or dissemination of copyrighted text, images, music, video and other protected materials;
3. Using System computers for commercial activity, such as selling products or services;
4. Unauthorized access to or use of a computer, computer account or network;
5. Connecting unauthorized equipment to a college or MCCS network;
6. Unauthorized attempts to circumvent data protection or security including, but not limited to, creating or running programs that identify security loopholes or decrypt secure data;
7. 故意或者过失进行干扰计算机正常工作的行为;
8. Deliberately or negligently running or installing a program that, by intent or effect, damages a computer, system or network. This includes, but is not limited to, programs known as computer “viruses,” “trojan horses” and “worms;”
9. Deliberately or negligently wasting computing resources;
10. Deliberately or negligently overloading computing resources, such as running excessive programs that use relatively substantial bandwidth and other resources. This includes, but is not limited to, peer-to-peer applications;
11. Violating terms of applicable software licensing agreements;
12. Using electronic mail to harass or threaten another person or organization;
13. Initiating or perpetuating electronic chain letters or unauthorized mass mailings. This includes, but is not limited to: multiple mailings to news groups, mailing lists or individuals; “spamming;” “flooding;” and “bombing;”
14. Misrepresenting or misappropriating the identity of a person or computer in an electronic communication;
15. Transmitting or reproducing materials that are libelous or defamatory;
16. Unauthorized monitoring of another user’s electronic communications; or reading, copying, changing or deleting another user’s files or software without authority;
17. Communications that use public resources to promote partisan political activities;
18. Communications that are not otherwise protected by law because they constitute, for example, defamation, incitement to unlawful conduct, an imminent threat of actual violence or harm, fighting words, terrorist threats, gross disobedience of legitimate rules, criminal or severe civil harassment or false advertising; and
19. 19. Otherwise violating existing laws or System policies.

D. Enforcement

Violation of this policy may result in the loss of computing and/or network access; other disciplinary action; and/or appropriate civil or criminal legal action.

E. Security

Upon recommendations of the college and System directors of information technology, 校长理事会应采取一种程序，为所有系统和大学计算机和网络提供充分统一的安全保障.

REFERENCES: 20-A M.R.S.A. §12706(1)

DATE ADOPTED: June 24, 2009

GENERAL ADMINISTRATION
Section 203.1

SUBJECT: NOTICE OF RISK TO PERSONAL DATA
PURPOSE: To establish a procedure to provide notice of risk to personal data

I. Introduction
This Procedure complies with the provisions of the Notice of Risk to Personal Data Act.

II. Definitions
As used in this Procedure, the following terms have the following meanings:
A. Breach of System Security
“Breach of system security” means an:
1. Unauthorized acquisition of College or System computerized data that compromises the security, confidentiality or integrity of an individual’s personal information maintained on a College or MCCS computer; and/or
2. Authorized acquisition that is then used for an unauthorized disclosure of such personal information.

B. Personal Information
“个人信息”系指以下未加密或编辑的个人信息:
1. First name or first initial; and
2. Last name; and
3. Any one or more of the following:
a. Social security number;
b. Driver’s license number or state identification card number;
c. Account number, credit card number or debit card number, if such a number could be used without additional identifying information, access codes or passwords;
d. Account passwords or personal identification numbers or other access codes; or
e. 上述第a至d段所载与个人姓名无关的任何数据元素, or first initial, and last name, 如果信息被泄露将足以允许某人欺诈性地假定或试图假定其信息被泄露者的身份.

“Personal information” does not include information available to the general public from federal, state or local government records, widely distributed media, or other lawful source.

C. Unauthorized Person
“Unauthorized person” means a person who:
1. Does not have authority or permission to access such personal information; and/or
2. Obtains access to such personal information by fraud, misrepresentation or similar deceptive practice.

“Information broker” means any person who, on behalf of a College or the MCCS, maintains computerized data that includes personal information.

III. Duty to Investigate

If an information broker becomes aware of a breach of system security, the information broker shall promptly contact the College and/or MCCS Director of Information Technology. 该等主任应立即通知学院院长，并展开合理和善意的调查，以确定个人信息已被或将被滥用的可能性.

IV. Duty to Notify

如果学院和/或mcs信息技术总监确定个人信息可能已经或将被滥用作为违规行为的结果, the College or MCCS Director of Information Technology shall provide the following notice.

A. Content of Notice

The notice shall contain the date of the breach; the information believed to be accessed; a summary of the college’s efforts in response to the breach; and a College or MCCS contact who upon request can provide additional information.

B. Recipients of Notice

The above notice shall be provided to:

1. A person whose personal information has been, or is reasonably believed to have been, acquired by an unauthorized person; and
2. The MCCS Director of Information Technology, who in turn shall notify the MCCS President; and
3. The MCCS General Counsel, who in turn shall notify the Maine Attorney General’s Office; and
4. In breaches affecting more than 1,000 persons at a single time, the following consumer reporting agencies shall also be notified:

a. Experian
P.O. Box 2002
Allen, TX 75013-2002
1-888-397-3742

b. Trans Union
P.O. Box 1000
Chester, PA 19022
1-800-888-4213

c. Equifax
P.O. Box 740250
Atlanta, GA 30374-0250
1-800-685-1111

However, the notice to these agencies shall only include the following: date of the breach, an estimate of the number of persons affected by the breach, if known, and the actual or anticipated date that persons were or will be notified of the breach.

C. Timing of Notice

一旦学院和/或mcs信息技术总监确定个人信息可能已经或将因违规行为而被滥用，应尽可能迅速地发出通知. However, such timing shall be determined consistent with any:

1. Known legitimate needs of law enforcement; and
2. Measures necessary to determine the scope of the security breach and restore the reasonable integrity, security and confidentiality of the data in the system.

D. Means of Notice

Notice shall be by U.S. Mail to last known address. If, however, the cost of providing such notice would exceed $5,000, or if the number of persons to receive notice exceeds 1,000, or if the College and System does not have such an address, the following notice may be given instead:

1. E-mail notice to those whose email addresses are known; and
2. Conspicuous posting of the notice on the College’s or System’s publicly accessible website; and
3. Notification to major statewide media.

V. Complete Copy of the Law

For a complete copy of the Maine law governing this subject, see 10 MRSA §§1346-50-A available at http://janus.state.me.us/legis/statutes/10/title10ch210-B.rtf.

REFERENCES: 10 M.R.S.A. §§1346-50-A
DATE ADOPTED: January 24, 2007
DATE(S) AMENDED: January 26, 2010