Division of Information Technology
Division of Information Technology
UNCP Home Student Services Division of Information Technology Policies DoIT 01 03 - Appropriate Use Policy (AUP)
  • A
  • A

DoIT 01 03 - Appropriate Use Policy (AUP)

Click here to download a MS Word file.

Effective date: 2003; Revised date: September 18, 2009     

I. Purpose

The University of North Carolina at Pembroke’s Appropriate Use Policy (AUP) sets forth the standards by which a student, faculty, staff and authorized guest (“Users”) may use their assigned computer systems and peripheral accessories, computer accounts, email services and the shared UNCP university network. The use of UNCP’s computer and network resources including all electronic communication systems and equipment (all collectively referred to as the “UNCP technology infrastructure”) is a revocable privilege. By using or accessing the UNCP technology infrastructure, Users agree to comply with this policy and other applicable UNCP and UNC policies, as well as all applicable federal, state, local laws and regulations. Using and/or accessing the UNCP technology infrastructure without proper authorization is strictly prohibited.

II. Responsibilities

Users are responsible for being aware of any changes to this policy. The UNCP technology infrastructure is provided to support UNCP university business and its mission of teaching, research and service. Any other uses that jeopardize the integrity of the UNCP technology infrastructure, the privacy or safety of other Users, or that are otherwise illegal are prohibited.

General guidelines for appropriate use of the UNCP technology infrastructure are based on the following principles:

  1. Users shall behave responsibly with respect to the UNCP technology infrastructure at all times.
  2. Users shall respect the integrity and the security of the UNCP technology infrastructure.
  3. Users shall behave in a manner consistent with UNCP’s mission and to comply with all applicable laws, regulations, UNCP policies, and policies of The University of North Carolina (“UNC”).
  4. Users shall be considerate of the needs of other Users by making every reasonable effort not to impede the ability of others to use the UNCP technology infrastructure and to show restraint in the consumption of shared resources.
  5. Users shall respect UNCP’s principles regarding freedom of thought, inquiry and expression.
  6. Users shall respect the rights and property of others, including intellectual property rights.

Conduct which violates this policy includes, but is not limited to:

  1. Accessing another person’s or department’s computer, computer account, files or data without permission or authorization.
  2. Using the UNCP campus network to gain unauthorized access to any computer system.
  3. Using any means to decode or otherwise obtain restricted passwords or access control information.
  4. Attempting to circumvent or subvert UNCP system or network security measures. Examples include creating or running programs that are designed to identify security loopholes, to decrypt intentionally secured data, or to gain unauthorized access to any system.
  5. Allowing external parties access to the UNCP technology infrastructure or agreeing to such (as defined in some peer-to-peer software licenses) unless for official university business which requires authorized appropriate documentation and adherence to federal, state and university laws, policies and guidelines.
  6. Installing server software or modifying system configuration on any university system without the expressed authorization of DoIT.
  7. Engaging in any activity that might be purposefully harmful to systems or to any information stored thereon, such as creating or propagating viruses, disrupting services, damaging files or making unauthorized modifications to university data.
  8. Performing any act, intentionally or otherwise, that will interfere with the normal operation of computers, peripherals or networks.
  9. Making or using illegal copies of copyrighted software, storing such copies on UNCP systems, or transmitting them over university networks.
  10. Using UNCP’s technology infrastructure for the sharing or downloading of copyrighted materials in violation of applicable copyright laws or local, state or federal regulations.
  11. Harassing or intimidating others or creating a hostile work or educational environment via transmission or display of electronic mail, news groups or Web pages, including information or images obtained from such sources.
  12. Initiating or propagating electronic chain letters.
  13. Forging the identity of a user or machine in an electronic communication (“spoofing”).
  14. Saturating UNCP network or computer resources to the exclusion of another’s use, for example, overloading the network with traffic such as emails, file sharing or malicious (denial of service attack) activities.
  15. Using email or network resources to solicit the UNCP community for political or personal gain, including without limitation solicitation for the purpose of selling items.
  16. Engaging in any other activity that does not comply with the general principles presented above.

III. Monitoring the UNCP technology infrastructure

UNCP expressly reserves the right to impose any restraints or monitor the content of communications, data or other information on the UNCP technology infrastructure:

  1. When required to do so by applicable federal, state or local laws, including without limitation laws that prohibit publication of defamatory material, laws requiring the disclosure of public records upon request, and laws prohibiting the misuse of state property for private gain; or
  2. To maintain the security and integrity of the UNCP technology infrastructure.

The university respects the privacy of Users. It does not routinely inspect or monitor the contents of electronic information, nor is the university responsible for its contents. The university electronic resources may, subject to this policy, be used for incidental personal purposes, provided such use does not interfere with normal university operations, burden the university with incremental costs, violate laws, policies, or regulations or interfere with the user’s employment or other obligations to the university. However, when there is reasonable suspicion, and with the approval of the Chancellor or his/her delegate, DoIT reserves the right:

  1. To investigate any alleged AUP or other UNCP or UNC policy infractions; or
  2. To assist in any university or law enforcement investigations seeking evidence regarding alleged violation of any federal, state or local law or regulation.

Users have no Constitutional expectation of privacy in any information on the UNCP technology infrastructure. To the extent allowed by law in the absence of any expectation of privacy, which absence is established with this policy, UNCP reserves the right to make any communications, data or information regarding, transmitted through, or stored on any UNCP system or network available to law enforcement officials without a search warrant and without prior notice to any user.

Users should use extreme caution in communicating, transmitting, or storing sensitive or private information on any UNCP equipment, including UNCP’s technology infrastructure. Although UNCP will comply with all legal obligations regarding confidentiality of certain statutorily identified records (especially students’ educational records and confidential personnel records), Users should not assume that information or data transmitted or stored on UNCP’s technology infrastructure is confidential or protected from disclosure to designated UNCP and UNC employees or law enforcement. UNCP cannot guarantee the confidentiality or integrity of any user’s continuing access to any information or data stored or transmitted on UNCP’s technology infrastructure because of the possibility, despite UNCP’s best efforts, of unauthorized access by third parties (“hackers”), failure of equipment (“system crashes”) or some other event. Users are reminded that UNCP may be required to disclose any information transmitted or stored on the UNCP technology infrastructure that is determined to be a public record and not otherwise exempt from disclosure under applicable law. While every effort is made to insure confidentiality and integrity, Users are still responsible for maintaining the secrecy of their personal access and authentication information (passwords, etc.) and for transmitting information (email, files, etc.) to the proper address.

In the event that such monitoring or review is necessary or appropriate, the Division of Information Technology or the Chancellor’s designee will be responsible for such monitoring, investigation and enforcement or for working in cooperation with the federal, state or local law enforcement agency involved.


IV. Responding to security and abuse incidents

All Users have the responsibility to report any discovered unauthorized access attempts or other improper usage of UNCP computers, networks, or other information processing equipment. If a security or abuse problem with any university computer or network facility is observed by or reported to a user, such user shall immediately report the same to the Division of Information Technology.

V. Range of disciplinary sanctions

Persons in violation of this policy are subject to a full range of sanctions, including, but not limited to, the loss of computer or network access privileges, disciplinary action, and dismissal from The University of North Carolina at Pembroke. Any sanctions against employees will be imposed through procedures consistent with any applicable state regulations. Some violations may constitute criminal or civil offenses, as defined by local, state and federal laws and the university may prosecute any such violations to the full extent of the law.

UNCP may suspend computer or network access privileges immediately and without prior notice to a user if necessary to preserve the safety or integrity of UNCP’s Network or to prevent or investigate violation of applicable federal, state or local law or UNCP policy. The user and the user’s supervisor must be sent written or electronic notice of any such intentional suspension of access and the reasons for it, and notice of the time, date and location for a meeting at which continued suspension of access may be discussed with the Associate or Assistant CIO or his/her designee, who must reconsider his or her suspension decision in light of the information received in the meeting. Following the meeting, the Associate or Assistant CIO or his/her designee shall send a copy of his or her decision upon reconsideration to the user and the user’s supervisor.  This correspondence should also advise the user that he or she may appeal the decision to the Associate Vice Chancellor for Information Resources.

VI. Additional policies

In the event that this policy conflicts with other UNCP or UNC policy, or federal or state legislation, the most restrictive policy or legislation shall apply.


Acknowledgements (Thanks to the following institutions for allowing us to adapt parts of their AUPs):

  • Drexel University
  • Colorado State University
  • Pepperdine University