IT Policy

Purpose

  1. To remain competitive, better serve our customers and provide our employees with the best tools to do their jobs, Plant Operations makes available to our workforce access to one or more forms of electronic media and services, including computers, e-mail, external electronic bulletin boards, wire services, online services, intranet, Internet and the World Wide Web.
  2. Plant Operations encourages the use of these media and associated services because they can make communication more efficient and effective and because they are valuable sources of information about vendors, customers, technology, and new products and services. However, all employees and everyone connected with the organization should remember that electronic media and services provided by the university are university property and their purpose is to facilitate and support university business. All computer users have the responsibility to use these resources in a professional, ethical, and lawful manner.
  3. To ensure that all employees are responsible, the following guidelines have been established for using departmental computer systems. No policy can lay down rules to cover every possible situation. Instead, it is designed to express Plant Operations’ philosophy and set forth general principles to comply with University of Houston MAPP and UH System SAM policy when using electronic media and services.

Access to Employee Communications

  1. Generally, electronic information created and/or communicated by an employee using e-mail, word processing, utility programs, spreadsheets, voicemail, telephones, Internet and bulletin board system access, and similar electronic media is not reviewed by the university. However, the following conditions should be noted:
  2. Plant Operations and the University of Houston — IT Services may routinely gather logs for most electronic activities or monitor employee communications directly, e.g., telephone numbers dialed, sites accessed, call length, and time at which calls are made, for the following purposes:
    1. Cost analysis;
    2. Resource allocation;
    3. Optimum technical management of information resources; and
    4. Detecting patterns of use that indicate employees are violating university policies or engaging in illegal activity.
  3. Plant Operations reserves the right, at its discretion, to review any employee’s electronic files and messages to the extent necessary to ensure electronic media and services are being used in compliance with the law, this policy and other university policies.
  4. Employees should not assume electronic communications are completely private. Accordingly, if they have sensitive information to transmit, they should use other means.

Software

  1. To prevent computer viruses from being transmitted through the university’s computer system, unauthorized downloading of any unauthorized software is strictly prohibited. IT staff reserve the right to remove any software program that has not been approved without prior notice. This may result in loss of data.
  2. All Plant Operations’ computers are assigned with virus protection software installed. It is prohibited to remove, modify or in any way deactivate this software without the approval of the IT staff.
  3. Only software registered through Plant Operations may be downloaded or installed. Employees should contact the system administrator if they have any questions. Employees should not attempt to add/remove or modify software from departmental computers unless advised by a member of the IT staff.
  4. Any software that is not registered through Plant Operations but is approved for use must be installed by Plant Operations IT and staff must demonstrate that it is licensed for their use.

Hardware

  1. It is the responsibility of Plant Operation’s employees to maintain any computer equipment assigned to them. This includes:
    1. Clean outer surface of all computer equipment (CPU, Monitor, Printer, Mouse) with the supplies provided.
    2. Prevent any damage to the computer equipment caused by misuse or mishandling.
    3. Relocation of computer equipment must be coordinated with Plant Operations IT.
    4. It is normally the department’s Property Custodians responsibility to dispose of old or outdated equipment.
  2. Only approved devices may be connected to Plant Operation’s computer equipment. Approval is required before personal devices can be connected. This includes:
    1. Digital Cameras
    2. PDA’s (Personal Digital Assistants or Handheld Computers)
    3. Mouse and keyboards not provided by Plant Operations IT
    4. Printers
    5. Scanners
    6. Speakers
    7. Any other device that plugs into the computer and it is not removable media (Floppy Disk, Zip Disk or CD-ROM)
  3. All Plant Operations computer purchases must have Plant Operations IT approval.

Security/Appropriate Use

  1. Employees must respect the confidentiality of other individuals’ electronic communications. Except in cases in which explicit authorization has been granted by university management, employees are prohibited from engaging in, or attempting to engage in:
    1. Monitoring or intercepting the files or electronic communications of other employees or third parties;
    2. Hacking or obtaining access to systems or accounts they are not authorized to use;
    3. Using other people’s log-ins or passwords; and
    4. Breaching, testing, or monitoring computer or network security measures.
  2. No e-mail or other electronic communications can be sent that attempt to hide the identity of the sender or represent the sender as someone else. The use of university email to transmit SPAM or mass email messages is prohibited unless explicit permission has been granted.
  3. Electronic media and services should not be used in a manner that is likely to cause network congestion or significantly hamper the ability of other people to access and use the system. This includes streaming audio and video using Windows Media Player, Real Player, QuickTime or similar software for the purpose of listening to radio stations or movies.
  4. Anyone obtaining electronic access to other companies’ or individuals’ materials must respect all copyrights and cannot copy, retrieve, modify or forward copyrighted materials except as permitted by the copyright owner.
  5. Passwords must be changed when they expire (approximately every 60 days). Passwords should be constructed of both letters and numbers and should be at least 8 digits in length. A guide to create a difficult password is available.
  6. It is encouraged as good practice to lock your computer before leaving the office and that a screen saver password is used to prevent unauthorized access to computer systems. Plant Operations’ employees should shutdown computers and printers before leaving for the day.
  7. It is mandatory to shutdown all non-critical systems before the weekend and during long periods of absence (vacation, holidays and winter break). This includes computers, printers and any other device connected to the computer.

Participation In Online Forums

  1. Employees should remember that any messages or information sent on university-provided facilities to one or more individuals via an electronic network—for example, Internet mailing lists, bulletin boards, and online services—are statements identifiable and attributable to the University of Houston.
  2. Plant Operations recognizes that participation in some forums might be important to the performance of an employee’s job. For instance, an employee might find the answer to a technical problem by consulting members of a news group devoted to the technical area.

Personal Use

The computers, electronic media and services provided by Plant Operations are primarily for business use to assist employees in the performance of their jobs. Limited, occasional, or incidental use of electronic media (sending or receiving) for personal, non-business purposes is understandable and acceptable, and all such use should be done in a manner that does not negatively affect the systems’ use for their business purposes. However, employees are expected to demonstrate a sense of responsibility and not abuse this privilege.

Violations

Any employee who abuses or is in violation of this policy will be subject to corrective actions including possible termination of employment, legal action and criminal liability.