Rules of Technology Usage

All users of College Technology must observe the following general rules when accessing College resources:

• respect intellectual property rights by abiding by technology resources vendor’s license agreements and terms and conditions, and copyright-holder rights of any copyright-protected work including software, services, digital images, videos, documents, or music;
• avoid the use of Technology resources to disrupt, interrupt, or interfere with the College’s administrative, academic and business operations, the delivery of the curriculum, or the activities of College community individuals or the community collectively.
• protect confidential and sensitive data under a student’s or employee’s control from unauthorized use, modification, or disclosure as required by local state and federal laws and regulations, College policies or other forms of compliance;
• respect the integrity of Technology and cybersecurity measures:
  • For example, Users shall not use or develop programs that harass individuals, access a computer or network without authorization, or damage or alter the software components of any data or Technology in the College’s control;
• safeguard assigned accounts and passwords;
  • Accounts and passwords assigned to users are not to be shared with any other person without authorization from the Chief Information Officer; assigned workstations must not be logged into and left unattended.
• limit personal use of Technology resources to usage that does not disrupt other individuals’ use of Technology or College operations;
  • avoid anonymous usage
    • users must not intentionally conceal or attempt to conceal, change, or obfuscate either their assigned user ID or the network address or machine name of their computing device when using Technology;
• report any suspected information security policy violations or illegal activity to an appropriate College staff member, such as the Chief Information Officer (CIO), Deputy Chief Information Officer (DCIO), or other responsible person.

Relation to Other Policies

• This policy is intended to be consistent with other Massachusetts College of Art and Design policies, including, but not limited to, the College’s sexual harassment and equal opportunity policies, and its Community Standards.
• Users are to use Massachusetts College of Art and Design’s electronic mail, Internet systems, and telecommunications/voicemail systems in a manner that is consistent with these and any related policies.

COLLEGE OWNERSHIP OF TECHNOLOGY AND DATA

• College Technology resources are College property.
• All work product created using College Technology is the property of Massachusetts College of Art and Design, and subject to the Massachusetts Public Records Law. They are not the private property of any employee or student, and users should not consider any email, Internet message, telecommunications/voice mail message or material private or their personal possessions.
• The College’s ownership of a file, record, or message does not transfer ownership to the College of any intellectual property contained therein that was created by a student or was not created by an employee during time for which they were compensated by the College, such as a work created by an employee on personal time or prior to their employment by the College.

USER CREDENTIALS, AUTHENTICATION CODES AND IDENTIFIERS

• User credentials, authentication codes and identifiers used to access technology resources or institutional data are the property of Massachusetts College of Art and Design, and are considered confidential, and should be protected from unauthorized access.
• Users must not use user credentials or identifiers (e.g., NetID/username and password), or authentication codes (e.g., a password or PIN), to access technology resources or institutional data except where authorized.
• Users are prohibited from sharing any credentials, codes and identifiers assigned or stewarded to them, with any user. 
• Users are prohibited from attempting to retrieve or use credentials, codes and identifiers, for which they are not authorized, or which have been assigned or stewarded to another user.
• Inappropriate use of credentials, codes and identifiers may result in disciplinary actions, up to and including termination or expulsion.
• Users may not impersonate another College user when using Technology, unless their job duties and responsibilities allow it.

WORKSTATION SECURITY

Technology users are required to lock their computer with a password-protected screen lock, or shut it down before leaving it unattended.

COLLEGE TECHNOLOGY SAFEGUARDS

• Any attempt to defeat, uninstall or alter technology resource or institutional data security measures is prohibited. This includes, but is not limited to, attempting to uninstall College anti-malware programs, deleting system logs and audit trails, bypassing Technology authentication and identification mechanisms, altering the configuration of security on any technology resource, or altering data except where authorized.
• The above prohibited actions may be performed if authorization is provided to a specific employees or groups of employee as required, and at the discretion of the Chief Information Officer of the College or an authorized delegate, such as a designated information security team.

NON-REMOVAL

• Users may not remove from the premises any files, records, data, databases, digital storage media, hardware, software, firmware, or any other devices or Technology, licensed to or owned by the College, without prior management approval.
• Protected information, particularly personally identifiable information (PII), such as Social Security numbers or credit card information, must never be stored on a technology resource not owned or managed by the College, without appropriate written management approval, and must always be stored or transmitted using a current, industry-standard encryption method. This prohibition includes any device or service which stores electronic data, including computers, cloud services, and storage peripherals.

DOWNLOADING

• Massachusetts College of Art and Design requires that documents downloaded from the Internet are job- or curriculum-related and constitute a reasonable use of technology resources. Please refer to MassArt’s Electronic File Sharing Policy for more details.

VIOLATIONS OF POLICY AND CRIMINAL USE

• Use of Technology resources which violates the policies or the standards of the institution or the Commonwealth of Massachusetts, including the College’s Community Standards, the Non-Discrimination, Harassment and Retaliation Policy, the MA State Universities Title IX Sexual Harassment Policy, or the MA State Universities Equal Opportunity, Diversity and Affirmative Action Plan, or other local, state or federal laws or regulations related to stalking, harrassment, or intimidation, is prohibited.
• Use of Technology resources for criminal activity is prohibited.
• Users are prohibited from sending anonymous or repeated messages via the email, Internet, or telecommunications/voice mail systems, designed to harass or intimidate any person.

EMPLOYEE USE OF TECHNOLOGY IN VIOLATION OF THE MASSACHUSETTS STATE ETHICS LAW

• Employees of the college are prohibited from using Technology for personal financial gain, such as online gambling or running a personal business, or any other usage that violates State Ethics Law.

SOLICITATION

• Technology resources may not be used to solicit or proselytize for outside or personal commercial ventures, religious or political causes, outside organizations, or other solicitations that are not related to job duties and responsibilities, or the curriculum.

MALICIOUS SOFTWARE OR ACTIVITY

• Users may not use technology resources to develop or distribute any malicious software, such as malware, ransomware, viruses, worms, Trojan horses, or engage in any malicious social engineering activities, including the creation or distribution of phishing emails, or other software with malicious intent.
• Users should not open emails or email file attachments unless they are confident of the identity of the sender. Users in doubt of the legitimacy of an email message or other electronic data, or suspect it has malicious intent, contact a Technology staff member for assistance.

COPYRIGHTED MATERIAL AND TRADE SECRETS

• Technoogy resources must not be used to send (upload) or receive (download) copyrighted materials, trade secrets, proprietary financial information, or similar materials without prior management authorization.
• The College expressly incorporates into this policy the “Fair Use Guidelines for Educational Multimedia” resulting from the nasad 1997 Annual Meeting.
• Refer to the Electronic File Sharing Policy for more information.

COLLEGE’S RIGHT TO MONITOR

• Massachusetts College of Art and Design acknowledges that privacy is an important value for educational institutions.
• Users should have no expectation, and the College makes no guarantee, express or implied, of privacy of digital content received, transmitted or stored using College Technology. Massachusetts College of Art and Design may access or disclose electronic data which may include, but is not limited to, records, documents, files, electronic or digital data (including but not limited to communications, email, voicemail, chats, user forums or other electronic discussions) stored or transmitted by any user of technology resources, to ensure business continuity or compliance with local, state, federal or industry regulations, or to assist in criminal investigations, or if directed to do so by subpoena from local, state or federal authorities.
• Authorized representatives of the College may monitor the use of technology resources and institutional data, at any time, with or without notice to any user, and may bypass, delete, change and/or modify any technology resource, or access to such resources or institutional data. Such monitoring is capable of tracking and recording email messages and telecommunications/voice mail messages sent and received as well as Internet web sites visited by employees.
• The Technology department of Massachusetts College of Art and Design may routinely monitor technology resources, and log usage data, which may include, but is not limited to, network session connection times, network bandwidth usage, user credentials, configuration settings or profiles, CPU, memory, and disk utilization, logs, or web browser history. Authorized staff may review technology resources and institutional data for evidence of violation of law or policy, to ensure the delivery of service and business continuity, and to mitigate or eliminate cybersecurity or information security risk, vulnerability or threat.

CONFIDENTIALITY/PRIVACY

• Notwithstanding Massachusetts College of Art and Design’s right to monitor, institutional data should be treated as confidential, and only accessed only by authorized users for authorized purposes.
• At its discretion, and in the conduct of business, administrative or academic operations, the College may disclose or share its electronic and digital communications and data with authorized parties within and external to the College.
• Users are prohibited from viewing, editing, or deleting data not intended for them.
• Users are responsible for maintaining the confidentiality of institutional data.
• The use of passwords for security does not guarantee confidentiality.
• Institutional data which has been erased from a storage device may still be retrieved and reviewed.
• Institutional data may provide the College with information about the users who have sent, received, created, reviewed or manipulated such data.

ENCRYPTION

Confidential, sensitive or privileged information, including personally identifiable information (PII) such as a social security number or credit card information, must never be stored or transmitted unless it is encrypted in a current, industry standard encryption method. Consult technology staff members if you are unsure of whether the proposed encryption method meets this standard.

DISCIPLINARY ACTION

• Massachusetts College of Art and Design may impose sanctions on the use of College Technology resources, or take other disciplinary actions, on any user who is found to have violated the policies of the College. Sanctions may include, but are not limited to, loss of privileges to access to Technology resources. Disciplinary actions may include, but are not limited to, counseling, termination or expulsion from the College, or legal action.
• Violations which constitute criminal offenses may be subject to local, state, or federal prosecution.
• Massachusetts College of Art and Design reserves the right to terminate the network connection of any device, application or service, which inhibits or interferes with the security, performance or usability of the network.

REPRESENTATION OF THE COLLEGE AND ITS REPUTATION

• Users may be regarded as representing Massachusetts College of Art and Design while visiting internet web sites, sending, receiving or posting electronic or digital communications via any means, including email, chat, social media, and user forums, using other applications or services.
• Users should make clear when they are, or are not, representing the College in their email, Internet, telecommunications/voice mail communications, or on social media. Users may not represent that they are conducting business on behalf of the College unless they are authorized to do so by the College.

PUBLIC RECORDS

• According to the Secretary of the Commonwealth, Division of Public Records’ A Guide to the Massachusetts Public Records Law (Updated 2017): Every record that is made or received by a government entity or employee is presumed to be a public record unless a specific statutory exemption permits or requires it to be withheld in whole or in part.
• Accordingly, records gathered, stored, received or transmitted by the College may be considered a public record pursuant to the laws, policies, regulations and guidance from the Commonwealth, or other local, state, or federal authorities.

COLLECTIVE BARGAINING AGREEMENTS

Where Collective Bargaining Agreements are in effect and come into conflict with this Policy, the Collective Bargaining Agreements shall govern.

CONTACT PERSON

• If you are not sure whether an activity you are planning would affect service, you may contact the Information Technology helpdesk (aka Tech Central) using the help desk web customer portal, via email at helpdesk@massart.edu, or via phone at 617.879.7888.
• Employees who need help understanding this policy or who discover a violation of this policy should notify the Executive Director of Human Resources or the Chief Information Officer.

DISCLAIMER

All parties placing materials on the College’s email, Internet, website, or any other College network represent and warrant that the submission, installation, copying, distribution, and use of such materials in connection with the College’s systems will not violate any other party’s proprietary rights. The user understands and agrees that Massachusetts College of Art and Design is not responsible for any errors created in or damage to materials as a result of the installation or maintenance on the College’s Network servers, or their use by anyone accessing Massachusetts College of Art and Design servers. All use of the email, Internet, and telecommunications systems must be in accordance with existing Massachusetts College of Art and Design regulations for computer and telecommunications/voice mail use. Official Massachusetts College of Art and Design computer network pages may contain links to other pages not sanctioned by the College.
Massachusetts College of Art and Design intends to honor the policies set forth above, but reserves the right to change them as may be required under the circumstances. This Policy is reviewed and updated according to Technology’s established policy review process.

NOTES

• This policy is not meant to determine ownership of academic research and work product displayed and/or stored on Massachusetts College of Art and Design systems.
• Date last reviewed and updated: February 27, 2024.