SLAC information resources are U.S. government property and, as such, are subject to "appropriate use" requirements found in federal law and the provisions of the SLAC contract. Access to and use of SLAC computer resources is conditional upon adherence to the policies established for those individual resources, and to the general Stanford policies on Computer and Network Usage.
The purpose of this policy is to outline the acceptable use of SLAC information resources and ensures that proper control is setup to maintain the confidentiality, integrity and availability of information processing and communication services on systems managed by SLAC. Inappropriate use exposes SLAC to risks including virus attacks, compromise of network systems and services, and legal issues.
This policy applies to all employees, contractors, consultants, temporaries and other workers at SLAC, including all personnel affiliated with third parties (“User”). This policy applies to all SLAC information resources, including but not limited to computers, systems and networks that are managed by SLAC and equipment not owned by SLAC or DOE but connect to the SLAC network and/or use SLAC information resources.
A. The SLAC information resources are government assets for SLAC-related business use. Unauthorized use is prohibited. Minor incidental personal use is permitted. See Limited Personal Use of Government Office Equipment including Information Technology
B. Users have an affirmative duty to report suspected misuse of SLAC information resources at once. Contact the Computing Division help line (x4357 option 3) or Computer Information Security Officer (CISO).
C. All SLAC and Stanford policies
apply to User’s conduct while using SLAC information resources especially, but
not exclusively, policies on intellectual property, misuse of resources,
harassment, and information and data
D. SLAC computer accounts are normally intended for use only by the individual assigned to that account. Each account holder is responsible for the resources used by that account and for taking necessary precautions to prevent others from using the account. Shared accounts require adequate justification and explicit authorization from the CISO. Users shall not seek to gain or enable unauthorized access to information resources.
E. Passwords must be chosen with care and not divulged to anyone. Different classes of system, for example business systems, scientific computing systems and accelerator control systems have different requirements on user passwords. Users are responsible for following the password policies for the systems on which they have accounts.
F. Unauthorized copying of copyrighted material including, but not limited to, digitization and distribution of photographs from magazines, books or other copyrighted sources, copyrighted music, and the installation of any copyrighted software for which SLAC or the end user does not have an active license is strictly prohibited.
G. Before leaving a system unattended, it must be adequately protected, e.g. with a screen saver or logged off.
H. Users must safeguard legally protected information subject to privacy laws or confidentiality requirements.
I. Circumventing security controls is prohibited.
J. Under no circumstance is a User authorized to engage in any activity that is illegal under local, state, federal or international law while utilizing SLAC owned resources.
K. Use of SLAC's electronic communication facilities to send fraudulent, harassing, obscene (i.e. pornographic), threatening, racial, sexual or other unlawful messages is prohibited and illegal, as is use of SLAC information resources for lobbying of any kind.
L. SLAC reserves the right to audit networks and systems using SLAC information resources on a periodic basis to ensure compliance with this policy.
Any SLAC employee found to have
intentionally violated this policy shall be subject to disciplinary action up
to and including termination. A User
violating this policy may have his/her computer removed from the network and
any SLAC network or computer access disabled. Reinstatement will require the
review and approval of the Chief Information Officer (CIO) with concurrence
from the appropriate Associate Lab
Related SLAC or Stanford Policies, Memos or Directives:
Related Computer Security References: