All University web hosted services will be at risk of downtime every Tuesday between 7am to 9am.
The following is a web version of the current University of Sunderland Information Technology Regulations and Acceptable Use Policy from April 2019
Download our IT Regulations and Acceptable Use Policy.
IT Regulations and Acceptable Use Policy
Version 1.0 - Approved April 2019
Review Due - November 2020
Who is this for?
Everyone who uses the University of Sunderland’s Computers, Systems, and/or Network services.
What is expected?
Know the rules
Understand the relevant Law, so you do not break it.
Abide by University Regulations, Policies, and Guidance.
Observe the regulations of any third parties whose facilities you access.
We want to give you the best information and guidance available, to keep you, and the University safe and informed on how to use the systems you have access to.
This policy applies to:
Personal use is a permitted privilege. However, you are encouraged to use your own equipment for personal use where possible. Please note that whilst personal use is permitted, University owned and managed services and equipment should not be used to store documents and data that are personal to you. The University cannot be held responsible for the security, backup and recovery of such data in the event of this data being corrupted, inappropriately accessed or lost.
Access to the University’s IT systems and services is granted only to specific, authorised people. Users of these systems and services must abide by the conditions set out in IT Regulations and Guidance notes to this policy for acceptable and unacceptable use.
For security and network maintenance purposes, any or all use of the University IT systems and all data held within them may be intercepted, monitored, recorded, copied, audited, inspected, and disclosed to authorised University officials, authorised third parties and law enforcement personnel as part of their duties. The University of Sunderland reserves the right to audit, fault-find, and maintain networks and systems, and the information held on them, on a periodic basis.
The University operates web filtering on all University networks. As a result, some web pages may be unavailable to users without pre-agreed permissions.
User activity log information will be retained, and may be used for purposes, including, but not limited to:
The logged information includes:
In the event of a user’s account credentials being found to be used for malicious purposes or after repeated failed attempts to access systems, those credentials may be reset, in order to protect the data, information and systems normally accessed by using the credentials.
Postings by employees from a University of Sunderland email address to newsgroups and/or social media should contain a disclaimer stating that “the opinions expressed are strictly their own and not necessarily those of the University of Sunderland”, unless posting is in the course of business duties.
All computing equipment connected to the University of Sunderland IT systems, whether owned by an employee, student or the University of Sunderland, must be continually executing approved virus-scanning software with a current virus database, and set to be patched automatically, unless specifically authorised otherwise in writing from the University’s Technical Director.
Use facilities appropriately
Be aware of your footprint
Report issues you see
Exercise good judgement
Is it important for me to comment?
Could my comment be misconstrued or offence be taken from what I have said?
Is it appropriate for me to comment publically?
Am I comfortable for my postings to be officially discovered in the future?
Am I happy for my on-line content to reach those I didn’t intend?
Am I diligent enough before clicking to access something?
The Student Handbook has advice and guidance for students on use of social media, available at https://my.sunderland.ac.uk/
The policies, regulations, and guidance are designed to ensure that we as a University work in line with current legislative requirements.
Anyone wishing to login to the University of Sunderland’s IT systems should read, understand, and accept this policy in conjunction with the policies listed.
Policies of particular relevance are available at https://ts.sunderland.ac.uk/ and include:
Legislation of relevance is available at www.legislation.gov.uk and includes:
JaNET Requirements are available at https://community.jisc.ac.uk/library/janet-policies:
Proposed Legislation, due to be enacted prior to the next policy review:
Available at https://ts.sunderland.ac.uk/csig/legislation.
A set of policies, principles, rules, and guidelines formulated or adopted by an organisation to reach its long-term goals, easily readable and widely accessible.
A computer network is a group of connected systems and devices that are linked together to facilitate communication and resource sharing among users of the network.
7.3. Guidance Note
A document allowing further explanation and communication to Users and Staff, about the method of implementation of policies and procedures, the roles, processes, and accountability associated with a particular policy, to aid transparency and understanding of how it is implemented within the organisation.
Provided to Users for information, to enable them to be better informed about how policies translate into operation and which safeguards in place.
7.4. Appendices to IT Regulations
A document allowing further explanation and communication to Users and Staff, about the full IT Regulations, specifying what is and is not Acceptable Use in different circumstances.
The Executive Member with overall responsibility for the operation of this policy is the Chief Operating Officer (COO).
Individual students, employees, contractors, consultants, partners, temporary/contract staff, third parties have responsibility for ensuring that they comply with this policy and any related policies and guidance. Users of the service and Staff of the University must attend training and awareness sessions provided by the University. All Users also have a duty to report any incidents or ‘near misses’ in relation to Cyber Security and/or Information Governance to the IT Service Desk.