University of Minnesota, Crookston
Student Activities
University of Minnesota, Crookston
www.UMCrookston.edu
1-800-UMC-MINN
UMC Today myU OneStop


Personal Use of University Technology

As you may or may not know the University has policy regarding use of University technology which includes computer systems and information/data. This policy is intended for any University employee (staff, faculty, or student employee) and the use of University technologies.

Acceptable Use (as defined by University of Minnesota policy):

Information/data and systems may only be used by authorized individuals to accomplish tasks related to their jobs. Use of the information and systems for personal gain, personal business, or to commit fraud is prohibited.

Information not classified as public must be protected, and must not be disclosed without authorization. Unauthorized access, manipulation, disclosure, or secondary release of such information constitutes a security breach, and may be grounds for disciplinary action up to and including termination of employment. Below is ‘use’ policy link. http://www.policy.umn.edu/groups/ppd/documents/policy/Acceptable_Use.cfm

The University, including the Crookston campus, can easily encounter security incidents involving legally private data. This is a significant concern to the U of M Office of Information Technology (OIT) Security office and the General Counsel office. Because of the various laws involved with legally private data (FERPA, HIPAA, Minnesota Data Practices Act, etc…) each incident is very expensive to the University with the amount of forensics work, consultation with General Counsel, and constituent notification.

Identified causative factors contributing to the incidents include…

-Family members or someone other than a University employee was using the University computer.

-User had clicked links in E-mail or Instant Messaging (this may be related to the non-employee issue). In such cases, there is usually an enticing subject or come-on of some sort that ends up with the computer being infected or compromised.

-User responding to Phishing Scams requesting verification of login credentials (e.g. user account and password). In such cases, there is usually a bogus, semi-official looking request from the University, a financial Institution, or other online service that ends up harvesting your private/confidential user account information that can potentially put the University at risk.

Remedies:

-Remember University owned computers are restricted to use by University employees for University tasks. Please do not share your university password with others.

-Avoid clicking on links in email and/or messaging tools from unknown sources which can lead to a security breach and/or loss of private University data. Even for trusted sources it’s safer to copy or type the URL into your browser to be sure it is going where intended and not being redirected.

-Please remember that the University or any legitimate organization will NEVER request user account verification be submitted via email. Responding to such scams can lead to a security breach. The University at times will request that you change your password, but you will be directed to a secure University web site to make the required change (i.e. https://www.umn.edu/myaccount page) and not submitting content through email. If in doubt, simply go to the University of Minnesota home page and navigate to the accounts page without following an email link.

-We also encourage you to use University provided online, secure storage, NetFiles, (http://www1.umn.edu/netfiles/). Contact the UMC Help Desk for assistance.
 

Revised: June 2008, version 2.0