IT Acceptable Use
1. Purpose
1.1 Vocational Skills Solutions (FST) seeks to promote and facilitate the use of Information Technology for supporting the teaching, learning, research, and business activities; and may be used for any legal activity that further the aims and policies of FST. It is accepted that some limited and reasonable personal use will occur subject to it not interfering with the core functions of FST or those activities breaching this policy.
1.2 Whilst the traditions of academic freedom will be fully respected, this also requires responsible and legal use of the technologies and facilities made available to the learners and staff of FST. This will help FST avoid accidental or malicious acts and associated financial, legal, or reputational damage
1.3 It is the responsibility of all Users of FST’s IT services to read and understand this policy. This policy may be updated from time to time, in order to comply with legal and policy requirements.
1.4 This Acceptable Use Policy is intended to provide a framework governing the use of all IT resources across all sites on which FST operates. It should be interpreted such that it has the widest application and so as to include new and developing technologies and uses, which may not be explicitly referred to.
1.5 However, this is just one aspect of a wider framework of e-safety, Safeguarding and Prevent strategies. For further information on this please refer to the Safeguarding & Prevent Policy & Strategy, and the e-safety policy.
2. Scope
2.1 This policy applies to all Users including staff, learners, visitors, contractors, partners, and others, of the IT facilities provided by FST, are bound by the provisions of its policies in addition to this Acceptable Use Policy. It also addresses the use of FST’s IT facilities accessed via resources not fully owned by FST, such as partner resources and the use of personal BYOD (‘bring your own device’) equipment.
2.2 It covers all user interactions using FST provided logon ids, whether using personal or FST equipment, and whether on FST premises or elsewhere. These include participation in externally hosted virtual events such as webinars, online collaborations and posting on any social media platform. (In addition, any user engaging in inappropriate behaviours using personal logon ids may be in breach of FST policies and subject to sanctions).
2.3 The IT facilities comprise all hardware, software, services, data, and communication tools whether hosted on site or provided by third parties including online Cloud and hosted services.
3. Policy Statement
3.1 Use of FST computer and network resources should support the basic mission of FST in relation to teaching, learning and assessment. Users of FST networks and computer resources are responsible to properly use and protect information resources and to respect the rights of others. This policy provides guidelines for the appropriate use of FST data and resources.
4. Definitions
4.1 “Users” are everyone who has access to or is provided with any of FST’s company equipment and IT systems. This includes permanent employees and also temporary employees, contractors, agencies, consultants, suppliers, learners, and business partners.
4.2 “Equipment” means all hardware and peripherals or devices that connect to the corporate network or access corporate applications.
4.3 “Information resources” are all computer and communication devices and other technologies, which access, store or transmit FST information. This includes, but is not limited to, computers, mobile phones, tablets, printers, speakers, projectors, portable storage devices, data and voice networks, software, electronically stored data on premises and cloud, and all third-party networking services.
5. Responsibilities
5.1 Users of FST information resources must protect:
I. their online identity from use by another individual
II. the integrity of computer‐based information resources
III. the privacy of electronic information.
5.2 The Senior Leadership Team should:
I. Take all appropriate actions to protect the security of information and information resources.
II. Take precautions against theft of or damage to information resources.
III. Faithfully execute all licensing agreements applicable to information resources.
IV. Temporarily suspend access to information resource if they believe it is necessary or appropriate to maintain the integrity of the information resources under their oversight.
6. Summary
6.1 Simply put, acceptable use covers five areas:
· IT Governance – Do not break the law, do abide by FST’s IT regulations and policies, and do observe the regulations of any third parties whose facilities you access.
· IT Identity – Do not allow anyone else to use your IT credentials, do not disguise your online identity while representing FST and do not attempt to obtain or use anyone else’s.
· IT Infrastructure – Do not put FST’s IT facilities at risk by introducing malware, interfering with hardware, or loading unauthorised software.
· IT Information – Safeguard personal data, respect other people’s information and do not abuse copyright material. Store data on secure FST platforms such as OneDrive and SharePoint, do not use systems we are not licensed for such as Dropbox. Remember that mobile storage such as USB devices are not a secure way to handle information and must not be used to store personal or commercial information. If using BYOD to store FST data, ensure the device is encrypted.
· IT Behaviour – Do not waste IT resources, interfere with others’ legitimate use, or behave towards others in a way that would not be acceptable in the physical world.
7. Definitions of Unacceptable Use
7.1 FST’s network is defined as all computing, communication, and networking facilities provided by FST. It covers all computing devices, either personal or FST owned, connected to FST systems and services whether on-premises, remotely hosted or Cloud-based.
7.2 The conduct of all Users when using FST’s IT facilities should always be in line with FST’s values, including the use of online and social networking platforms.
7.3 Subject to exemptions defined in 6 below, FST’s network may not be used directly or indirectly by a user for the download, creation, manipulation, transmission, or storage of:
· any offensive, obscene, or indecent images, data or other material, or any data capable of being resolved into obscene or indecent images or material.
· unlawful material, or material that is defamatory, threatening, discriminatory, extremist or which has the potential to radicalise themselves or others.
· unsolicited “nuisance” emails.
· material, which is subsequently used to facilitate harassment, bullying and/or victimisation.
· material which promotes discrimination on the basis of race, gender, religion or belief, disability, age, or sexual orientation.
· material with the intent to defraud or which is likely to deceive a third party.
· material which advocates or promotes any unlawful act.
· material that infringes the intellectual property rights or privacy rights of a third party, or that is in breach of a legal duty owed to another party; or
· material that brings FST into disrepute.
8. Exemptions from Unacceptable Use
8.1 There are a number of legitimate academic activities that may be carried out using FST information systems that could be considered unacceptable use. For example, research involving defamatory, discriminatory, or threatening material, the use of images which may depict violence, the study of hate crime, terrorism related material or research into computer intrusion techniques. In such circumstances advice must be sought through line management and Senior Leadership Team (SLT). In each case documented approval/denial of the request will be recorded.
8.2 Any potential research involving obscene or indecent material must always be approved in advance with SLT and clear scope agreed, along with any records that need to be captured of specific accesses. If a member of the FST community believes they may have encountered breaches of any of the above, they must report this immediately to their line manager who will liaise with SLT.
9. Consequences of Breach
In the event of any failure to comply with the conditions of this Acceptable Use Policy by a User, FST may in its sole discretion:
· Restrict or terminate a User’s right to use the FST’s IT facilities.
· Withdraw or remove any material uploaded by that User in contravention of this Policy.
· Where appropriate, disclose information to law enforcement agencies and take any legal action against a User for breach of this Policy, including but not limited to claiming all costs, fees, and disbursements (including but not limited to legal fees) connected therewith.
· Any disciplinary action, arising from breach of this policy, shall be taken in accordance with FST’s Disciplinary Policy. Disciplinary action may ultimately lead to dismissal.
10. Statutory Frameworks/Principles
10.1 The use of FST IT systems and resources are subject a number of statutes and regulations including:
· the Copyright, Designs and Patents Act 1988
· the Computer, Copyright Software Amendment Act 1985
· the Computer Misuse Act 1990
· the Data Protection Act 2018 (commonly referred to as GDPR)
· the Electronic Communications Act 2000
· the Police and Criminal Evidence Act 1984.
· the Trade Marks Act 1994
· the Criminal Justice and Public Order Act 1994
Copies of these documents are available online at http://www.opsi.gov.uk/
11. Monitoring and Review of Policy
11.1 This policy will be monitored by the Senior Leadership Team. This policy will be approved by the Head of Finance. Any changes to this policy or how the policy is enforced will need to be agreed before implementation. Failure to comply with the policy will be dealt with through FST’s Disciplinary Procedures.