Information Technology Services
Individuals are expected to exercise responsible, ethical behavior when using the University's computers, information, networks or resources. Computer users in the academic community should be aware of relevant policies, guidelines, and laws. Violation of law or University policy may result in having your Access Account locked, suspension of network access or other information service privileges, disciplinary action, and legal proceedings.
Please use technology wisely. You are responsible for your Penn State Access Account and will be held accountable for any problems associated with its use. A small percentage of individuals deliberately ignore the law or University policies and get into trouble. However, most people get into trouble through ignorance; they don't realize they are doing something illegal or harmful.
Our experience has shown the following areas to be the most troublesome. Here are some tips to help you stay safe.
Use virus protection software and set it to update automatically. previous | top | next
It's very easy to copy and use files from the Web and other sources, and some people maintain that it doesn't hurt anyone to download and share songs, movies, and other files. However, unauthorized copying and sharing of copyrighted works not only deprives artists and publishers of a fair return on their works, it is illegal.
If you use copyrighted materials (such as text, photographs, images, video, or audio files) you must have permission from the copyright holder. Photographs require signed photograph clearances. Always ask permission from the author if you would like to use information or images you find on the Web. At many Web sites you will find restrictions and guidelines for use of the material published there. When in doubt, get written permission. To report possible copyright infringement, write to firstname.lastname@example.org.
Students should not regard the issue of illegal file sharing as a trivial matter. Individuals who are interested in downloading music should use legal sources such as Ruckus or iTunes. The Recording Industry Association of America (RIAA) and the Motion Picture Association (MPA) are becoming much more aggressive in their pursuit of copyright infringers. Penn State offers a high-quality legal alternative; see http://legalmedia.psu.edu/ for details.
For additional guidelines, see "Ethical and Legal Use of Digital Media" at http://its.psu.edu/policies/digitalmedia/ on the Web.
Set your computer to update security patches automatically. previous | top | next
Viruses, worms, trojan horses, malware--no matter what they're called, they're all man-made programs that cause disruption and damage, use up system resources, and waste everyone's time. Some are designed to copy themselves until your system's memory is used up, causing your computer to crash. Some can turn your computer into a host that can send out thousands of spam e-mails without your knowledge. A "trojan horse" can masquerade as a game or screen saver, but secretly collect your passwords and other confidential information and mail it back to the person who wrote the program. Even worse, it can open a "back door" without your knowledge that allows hackers to access and control your system remotely. Because viruses and other malicious programs are often secretly embedded in e-mail attachments, you must never open unsolicited e-mail attachments, even if they seem harmless or look as though they came from an official source.
It's no longer a choice, but a necessity to protect yourself against viruses. If you haven't already done so, install virus protection software immediately on your computer and set it up so that it automatically downloads updates at least once a week--or more often if you learn that a virus is spreading. Virus protection software is available at no cost to students, faculty and staff. See http://its.psu.edu/virus.html for virus alerts, a FAQ, and instructions on how to obtain free virus protection software.
Consider Using a Firewall. previous | top | next
You are responsible for securing your computer(s) against intrusion attempts by downloading and installing security patches as soon as they become available. See the following Web sites for information and instructions:
- Microsoft Corporation Security Web Site:
- Apple Product Security:
- Unix and Linux Security:
Network connected devices at Penn State are being probed daily for vulnerabilities. By securing computers and local area networks (LANs) behind firewalls, we can make it harder for would-be attackers to invade systems and networks.
Back up your files. previous | top | next
Make sure your software is legal. previous | top | next
If your computer crashed right now, and you lost all of your files, could you easily recover them? Most people know that they should back up their files, but don't do it, because they don't know how, or they think it takes too much time, or they think they might have to buy expensive hardware or software to accomplish it. However, there are many methods for backing up your files at a low cost. Don't wait until you lose hours or even years of work in a single moment. Take a few moments right now to identify a method that will work for you.
Penn State Distributed Backup Service: Don't assume that "someone else" is taking care of your backups. If you're not sure what your options are, ask your department IT support staff for recommendations. Tivoli Storage Manager (TSM) is an effective, low-cost solution for departments, faculty, and staff. TSM acts as a file backup and archive server for the disk drives of any workstation or personal computer connected to the Internet. See the TSM Web site for additional information and an application form: http://aset.its.psu.edu/ait/tsm.html.
ITS Disk Space: Several kinds of disk space or central file services are available for storing private files and files to be shared with others. These systems are generally accessible from computer labs, technology classrooms, and from your home or office computer with almost any kind of Internet connection. See http://clc.its.psu.edu/DiskSpace/ for more information.
Windows advice: "Backup Basics," by Microsoft, http://www.microsoft.com/athome/security/update/backup.mspx
Macintosh advice: "Dr. Mac's Guide to Backing Up your Mac," by Bob "Dr. Mac" LeVitus, http://www.macobserver.com/tmoguides/backup/index.shtml.
UNIX and Linux advice: O'Reilly books are recommended. The Penn State Libraries offers Safari Tech Books Online: http://www.libraries.psu.edu/eres/PSU_azdesc.html#PSU01401
Use a Strong, Safe Password password. previous | top | next
You are responsible for making sure that all of the software on your computer is legal. In terms of copyright, there are four broad classifications of software: commercial, shareware, freeware, and public domain. The restrictions and limitations regarding each classification are different. For details, see "Using Software" at http://its.psu.edu/policies/educom.html on the Web.
Guard your privacy and confidential information. previous | top | next
Your Penn State Access Account is your digital identity at Penn State, and your password should be strong and private. Like your Penn State ID card, it authenticates that you are who you say you are. Guard your password just as you guard your bank card PIN. Don't write it down or make it easy for someone to guess. Don't share your password with others, as they would then have the opportunity to read your e-mail, see your grades, obtain your transcript, charge printing to your bursar bill, and forge e-mail and news postings from you. For guidelines on how to create a strong, secure password, see http://its.psu.edu/policies/password.html on the Web.
In addition to your Penn State Access Account, you may need to establish passwords for your computer and/or specialized services at Penn State. No matter what service a password might be used for, remember that it's the only thing keeping a malicious intruder from possibly gaining access to your private information and resources.
It is a violation of University policy to share any password that provides access to a University system or network. All faculty, students, and staff must also obey all federal, state, and local laws applicable to the use of computers, data, and software. Please read Policy AD20-Computer and Network Security so that you are informed about your responsibilities pertaining to computer use and passwords.
To meet certain federal guidelines, all Access Account holders are now required to change their password annually. See http://its.psu.edu/password/ for details and tips.
Advances in technology have made it easy to store and share detailed personal information through e-mail, online forms, or on social networking sites such as Facebook or MySpace. You must guard against misuse of personal information such as Social Security numbers and credit card numbers. Also, consider the reaction of potential employers, graduate school admissions offices and your family to the pictures and statements you post. See http://its.psu.edu/takecontrol/ for information and tips.Don't use University resources for commercial purposes. previous | top | next
Don't send or forward chain letters. previous | top | next
Penn State resources and services are intended for University-related use. Do not use these resources for purposes such as selling a product, a profit-making business or sales position, or in conjunction with mass mailings. If you need to use the Web or e-mail for purposes unrelated to Penn State, use a commercial service. Many companies known as Internet Service Providers (ISPs) offer Web space and e-mail services. One method of finding an ISP is to use a search engine such as http://www.google.com/. Also see the following policies:
Conduct electronic surveys in accordance with University policies. previous | top | next
Some people think of chain letters as a harmless diversion. However, the distribution of chain letters is regarded as a serious misuse of University resources. Space on University computer systems is reserved for University-related work. Chain letters require the use of system or server space in order to be stored for the recipient. According to University Policy AD20 Computer and Network Security, "Transmitting or making accessible offensive, obscene or harassing materials, and transmitting or making accessible chain letters, etc., are prohibited."
Be considerate when using e-mail. previous | top | next
All research performed on human subjects must be approved by the Office for Research Protections. Internet surveys are subject to the same regulations. Whether conducting a survey on paper or online (by using e-mail, the Web, or other Internet resources) researchers must comply with all policies, including Policy RA14, The Use Of Human Subjects In Research; see http://guru.psu.edu/policies/ra14.html on the Web. The Office for Research Protections may be contacted at 212 Kern Graduate Building, University Park; 814-865-1775; Fax 814-863-8699; e-mail ORProtections@psu.edu. See http://www.research.psu.edu/orp/ for additional information.
Watch out for Internet scams. previous | top | next
Use e-mail with the same consideration that you use telephone or postal services. Sending obscene messages, stalking, and harassment of others is considered misuse of your e-mail account. According to University Policy AD20 Computer and Network Security, "Transmitting or making accessible offensive, obscene or harassing materials, and transmitting or making accessible chain letters, etc., are prohibited." If at any time you feel threatened or harassed by any form of computer communication, please contact Police Services immediately. Retain as much of the evidence as possible. Be sure to save everything such as e-mail headers, date and time logs, and IP addresses from IRC communication. It can help the police track the harasser down. The Security Operations and Services (SOS) office aids the police in many investigations; however, this type of situation falls under police jurisdiction due to the potential for physical harm. A list of campus police phone numbers is available at http://sos.its.psu.edu/police.html on the Web.
If you feel that there is an immediate threat, call 911.
Help stamp out spam. previous | top | next
On the Internet, anyone can sell a product; that doesn't make it worthwhile (or legal). According to the National Fraud Information Center, almost $15 million was lost last year, with an average loss of $527. Top frauds involved online auctions, general merchandise, Nigerian money offers, computer equipment and software, Internet access services, work at home plans, travel/vacation offers, advance fee loans, and prizes/sweepstakes. Another type of scam called "phishing" uses an official-looking (but bogus) message intended to trick you into disclosing confidential information. To learn more, see the Take Control Web site: http://its.psu.edu/takecontrol/.
Be cautious with Web auctions. previous | top
Spamming is the practice of sending unsolicited electronic junk mail or newsgroup postings. According to experts, more than 65% of all e-mail is spam. Most spam consists of advertisements for products or services, often fraudulent. In addition to wasting people's time with unwanted e-mail, spam also uses a significant amount of network bandwidth.
To cut down on the amount of spam you receive, use discretion when putting your e-mail address on reply cards and other such forms, as this is the main way that the spammers get e-mail addresses. Also, you can use software features, such as Eudora Pro's filters, to automatically trash mail from repeat offenders.
Be careful when responding to spam. Some spam includes a line similar to the following: "To be removed from this mailing list, send e-mail to email@example.com." In most cases, this is a sneaky way to verify that your e-mail address is legitimate, thereby helping the spammer, who can then reuse or distribute your e-mail address to other spammers.
To protect your access privileges, and as a matter of basic courtesy, don't send unsolicited mail to others. According to University Policy AD20 Computer and Network Security, "Unauthorized mass electronic mailings and newsposts are prohibited." This includes chain letters.
To learn more, see the Take Control Web site: http://its.psu.edu/takecontrol/.
On the Internet you can buy almost anything, and electronic payments are readily accepted by merchants. Before you submit your personal information or credit card number, learn how to shop safely: http://www.ftc.gov/bcp/menus/consumer/tech/online.shtm.
For more information on computer security, see the Stay Safe Online Web site at http://www.staysafeonline.info/, sponsored by the National Cyber Security Alliance.
If you need assistance, please contact the ITS Help Desk.
Please see http://its.psu.edu/policies/
Intellectual Property Office (IPO)
113 Technology Center
University Park, PA 16802
Copyright Clearance Office
101A Hostetter Building
University Park, PA 16802
Office of Licensing Programs
101 Procurement Building
University Park, PA 16802-1004
Department of University Publications
Suite A, University Support Building I
University Park, PA 16802
Web site: http://www.publications.psu.edu
Information Technology Services (ITS)
Policies, Guidelines, and Laws
This page is part of Your Guide to Information Technology @ Penn State.
The Pennsylvania State University ©2010
Information Technology Services (ITS)