SLAC information resources are U.S. government property and, as such, are subject to "appropriate use" requirements found in federal law and the provisions of the SLAC contract. Access to and use of SLAC computer resources is conditional upon adherence to the policies established for those individual resources, and to the general Stanford policies on Computer and Network Usage.
The purpose of this policy is to outline the acceptable use of SLAC information resources and ensures that proper control is setup to maintain the confidentiality, integrity and availability of information processing and communication services on systems managed by SLAC. Inappropriate use exposes SLAC to risks including virus attacks, compromise of network systems and services, and legal issues.
This policy applies to all employees, contractors, consultants, temporaries and other workers at SLAC, including all personnel affiliated with third parties (“User”). This policy applies to all SLAC information resources, including but not limited to computers, systems and networks that are managed by SLAC and equipment not owned by SLAC or DOE but connect to the SLAC network and/or use SLAC information resources.
A. The SLAC information resources are
government assets for SLAC-related business use. Unauthorized use is
prohibited. Minor incidental personal use is permitted. See Limited Personal
Use of Government Office Equipment including Information Technology
B. Users have an affirmative duty to
report suspected misuse of SLAC information resources at once. Contact the Computing Division
help line (x4357 option 3) or Computer Information Security Officer (CISO).
C. All SLAC and Stanford policies
apply to User’s conduct while using SLAC information resources especially, but
not exclusively, policies on intellectual property, misuse of resources,
harassment, and information and data
D. SLAC computer accounts are
normally intended for use only by the individual assigned to that account. Each
account holder is responsible for the resources used by that account and for
taking necessary precautions to prevent others from using the account. Shared
accounts require adequate justification and explicit authorization from the
CISO. Users shall not seek to gain or enable unauthorized access to information
resources.
E. Passwords must be chosen with care
and not divulged to anyone. Different classes of system, for example business
systems, scientific computing systems and accelerator control systems have
different requirements on user passwords. Users are responsible for following
the password policies for the systems on which they have accounts.
F. Unauthorized copying of copyrighted material including, but not limited to, digitization and distribution of photographs from magazines, books or other copyrighted sources, copyrighted music, and the installation of any copyrighted software for which SLAC or the end user does not have an active license is strictly prohibited.
G. Before leaving a system
unattended, it must be adequately protected, e.g. with a screen saver or logged
off.
H. Users must safeguard legally
protected information subject to privacy laws or confidentiality requirements.
I. Circumventing security controls is
prohibited.
J. Under no circumstance is a User authorized to engage in any activity that is illegal under local, state, federal or international law while utilizing SLAC owned resources.
K. Use of SLAC's electronic
communication facilities to send fraudulent, harassing, obscene (i.e. pornographic), threatening, racial, sexual or other unlawful messages is prohibited and illegal, as is use
of SLAC information resources for lobbying of any kind.
L. SLAC reserves the right to audit networks and systems using SLAC information resources on a periodic basis to ensure compliance with this policy.
Any SLAC employee found to have
intentionally violated this policy shall be subject to disciplinary action up
to and including termination. A User
violating this policy may have his/her computer removed from the network and
any SLAC network or computer access disabled. Reinstatement will require the
review and approval of the Chief Information Officer (CIO) with concurrence
from the appropriate Associate Lab
Related SLAC
or Stanford Policies, Memos or Directives:
Stanford University Computer and Network Use Policy
Stanford Information Security Incident Response
Limited Personal
Use of Government Office Equipment including Information Technology
Related
Computer Security References:
Use of SLAC Information Resources Guidelines
Definition: The term “users” applies to all SLAC staff, contractors,
assignees, visitors, and individuals that have custody of or access to SLAC
information, systems, or network.