UP Open University

Acceptable Use Policy

Acceptable Use Policy for Information Technology (IT)
Resources of the UP System: www.up.edu.ph/aup/

Full text of Acceptable Use Policy

What is AUP?
Why do we need to have an AUP?
What are the IT Resources of the UP System?
What are my responsibilities under the AUP?
Are we required to use Linux and other open source applications?
What do you mean by prohibited or inappropriate use?
What if I need to do something related to my work but it is classified above as prohibited or inappropriate?
Who is in charge of making sure that the AUP is followed?
What should I do if I suspect that someone is violating this policy?
How will investigations proceed?
What are the penalties to violations of this policy?
How do I contact our system administrator?

For Faculty, Staff and Students of the UP Open University

  1. What is AUP?

    AUP stands for Acceptable Use Policy for Information Technology (IT) Resources of the UP System. The Board of Regents approved this policy during its 1165th Meeting on 31 October 2002. It covers all students, faculty, staff, system and network administrators, and University administrators; basically everyone who uses the UP IT System or any of its components by any means or from any location.

  2. Why do we need to have an AUP?

    Computing facilities and network infrastructure are a costly resource and thus must be used solely for teaching, learning, research and other officially-sanctioned activities. Also, since these technologies allow individuals to access and copy information from remote sources, users must respect the rights of others, particularly to their privacy and intellectual property. The AUP aims to ensure equitable, secure and reliable access to IT resources of the University.

  3. What are the IT Resources of the UP System?

    IT Resources compose the University's IT System. It includes computers, terminals, printers, networks, modem banks, online and offline storage media and related equipment, and software, databases and other data files that are owned, managed, or maintained by any unit of the University.

  4. What are my responsibilities under the AUP?

    In general, users of the UP IT System must:
    • Use the IT System only for its intended purpose, and not misuse or abuse it;
    • Help maintain the integrity, reliability, availability, confidentiality and efficiency of computer-based information resources;
    • Refrain from seeking to gain unauthorized access or exceed authorized access;
    • Respect software copyright and licenses and other intellectual property rights;
    • Respect the rights of other computer users;
    • Safeguard their account and password, take full advantage of file security mechanisms, and back up official critical data; and
    • Promptly report any misuse or violations of the policy to the system and network administrators, Chairs, Deans, Chancellors or the President. System and Network Administrators have the additional responsibility of ensuring integrity, confidentiality, and availability of the resources they are managing. They are expected to treat the contents of electronic files as private and confidential. Persons in these positions are granted significant trust to use their privileges appropriately.
  5. Are we required to use Linux and other open source applications?

    Not really. Your unit can retain your existing operating systems and software as long as these are licensed. You are also allowed to purchase licensed software if your unit can afford the licensing fees. Open source applications are a viable option for units that cannot afford to buy proprietary software.

  6. What do you mean by prohibited or inappropriate use?

    There are five general categories of use that are considered prohibited and/or inappropriate:
    • Uses Contrary to Law - Users may not use the UP IT System for any activity that is contrary to any law or administrative rule or regulation, or to encourage any such unlawful activity. Users must not infringe on copyright and other property rights covering software, databases, text, images, icons etc., retrieved from or through the IT System. The AUP also prohibits hacking. That is, gaining unauthorized access into or interfering with another computer or system in order to corrupt, alter, steal or destroy that system.
    • Uses Inconsistent with the Purposes of the UP System - Users may not use the IT System to engage in cheating, academic dishonesty or to violate other policies of the University. Users may not use the IT System for partisan political activities nor for commercial purposes. It is understandable that the IT System is sometimes used for personal activities (in the same way that an office telephone is used for a personal call), however this should be in a purely incidental manner. Users may not play games or use entertainment software on or through the IT System.
    • Uses that Damage the Integrity, Reliability, Confidentiality and Efficiency of the IT System - Unless properly authorized, users may not engage in the following:
      • Destroying, removing, modifying or installing any computer equipment, peripheral, operating system, disk partition, software, database, or other component of the IT System;
      • Connecting any computer unit or external network to the IT System;
      • Developing or using programs that are intended to damage or modify any software or hardware component of the system;
      • Accessing private or restricted portions of the system;
      • Disclosing passwords;
      • Interfering with or disrupting other computer users;
      • Concealing access by deleting or modifying access logs;
      • Concealing their own identity or masquerading as other users;
      • Publishing or disseminating prohibited materials (such as credit card numbers, identification information and access codes); and
      • Interfering with the UP System's ability to enforce these policies.
    • Uses that Encroach on the Rights of Other Users - Users may not encroach on others' access and use of the IT System by tying it up through wasteful and destructive practices. These include sending chain letters, spamming (sending excessive, unsolicited messages), printing excess copies of documents, running inefficient programs, using more than one computer terminal at a time, locking public access computers, not logging out of the system, and using a service that causes an excessive amount of traffic on the IT System. Users may not produce, disseminate or display material that could be considered offensive, pornographic, racially abusive or libelous in nature. Users may not use electronic communication facilities to send messages that are fraudulent, maliciously harassing, obscene, threatening, or in violation of laws or other policies of the UP.
    • Uses which Violate Privacy - Users may not attempt to gain access to archives or systems that store confidential information. Authorized users may not exceed their approved levels of access, nor should they disclose confidential information to others. Confidential information should not be copied, modified or disseminated. All encrypted information, passwords, digital keys and signatures shall be considered confidential. Users may not seek or provide information on other users.
  7. What if I need to do something related to my work but it is classified above as prohibited or inappropriate?

    Users should consult their system and network administrators regarding these types of use. The administrators may allow or tolerate such use if they do not go against the spirit of the AUP.

  8. Who is in charge of making sure that the AUP is followed?

    The University, through its system and network administrators, monitor the IT System at all times. Users must report suspected misuse or abuse of the IT System. When requested, users are expected to cooperate with the University in any investigation of IT System abuse.

  9. What should I do if I suspect that someone is violating this policy?

    A user should notify the unit's system or network administrator, who in turn notifies the Chancellor or his/her designated authority. Take note that any report must be accompanied by persuasive evidence.

  10. How will investigations proceed?

    Upon sending the complaint to proper authorities, the system or network administrator may suspend IT privileges of the accused for a maximum of 3 days. The Chancellor or his/her duly designated authority may extend the suspension for 30 days. Investigation and prosecution shall be in accordance with the regulations of the UP System. The investigating body will have at least one member knowledgeable in IT. If there is evidence of serious misconduct or possible criminal activity, the Chancellor shall file the appropriate criminal charges with the proper courts.

  11. What are the penalties to violations of this policy?

    The minimum penalty is suspension for one week, while the maximum is expulsion or dismissal from the University and/or mandatory imprisonment and/or a fine if the act constitutes any violation of the Electronic Commerce Act of 2000. For more information on the penalties for each kind of violation of the AUP, go to www.up.edu.ph/aup/

  12. How do I contact our system administrator?

    Send an email to This e-mail address is being protected from spambots. You need JavaScript enabled to view it

 

Announcements

Follow UPOU

FacebookTwitter