Are you saying that if the draft document was approved it would then allow
for local AUPs if they came from the Dean\Director\Chair\Head of the MAU, or
that local AUPs are currently allowed only if they come from the
Dean\Director\Chair\Head of the MAU?
-----Original Message-----
From: MSU Network Administrators Group [mailto:[log in to unmask]]On
Behalf Of Linda Losik
Sent: Wednesday, March 30, 2005 2:20 PM
To: [log in to unmask]
Subject: Re: [MSUNAG] AUP
The sysop piece is only a working discussion document, it is not even a
draft document and it is not policy. Local AUPs were under discussion.
The Vice-Provost sent the document back to committee for further
discussion. At this point in time, local AUPs have not been approved
This would be a policy that would only be enforceable if came from the
Dean\Director\Chair\Head of the MAU.
-----Original Message-----
From: MSU Network Administrators Group [mailto:[log in to unmask]] On
Behalf Of Chris Wolf
Sent: Wednesday, March 30, 2005 1:10 PM
To: [log in to unmask]
Subject: Re: [MSUNAG] AUP
At 10:39 AM 3/30/2005, Randall J. Hall wrote:
>A department really has no authority to write their own "AUP" and
neither would the type of agreement proposed below be appropriate.
What you are saying contradicts the discussion here several years ago
and also contradicts the draft document
http://www.msu.edu/~ncc/Documents/SysOp/SysopD10.pdf It specifically
says that each system may have its own AUP, which may provide fewer
privacy rights to users of that system than would be provided by the
University AUP. My understanding is that the type of agreement proposed
below would be entirely acceptable. The only requirement is that it be
"aggressively advertised to users of the system".
>In the case that a user is having problems with their machine, they may
give permission for you to access appropriate logs, settings, etc;
however, browsing through their private files, emails, etc is strictly
prohibited and would be a violation of the AUP. It is, however, very
appropriate for a department (or other unit) to issue a statement of
policy concerning compliance with the AUP. For instance, a departmental
chair (as the local system sponsor) may ban office personnel from using
"chat" during business hours, because they are chatting rather than
doing their jobs. That doesn't mean, however, that the IT staff can go
in and search folders to see if a user has inappropriate files without
proper authorization.
>
>There may be certain specifications (for business reasons) put on
office computers, for example it may be required that each computer have
an antivirus program set to automatically update, have a firewall in
place, be set for an automatic Windows update, etc. In the case of
faculty computers however, it is very likely that the faculty member is
the system sponsor (ie: purchased their computer from grant money, etc)
in which case they hold that particular authority, not the department.
That faculty member may request that their computer be set up to be
accessed remotely or they may be asked if they will allow it, but it is
inappropriate for IT to force the matter on them. Guidelines and/or
suggestions, will go a long ways toward remedying this situation.
>
>As far as desktop administration software, it does have legitimate uses
and in and of itself is not a violation of the AUP. In many cases, I
don't think that it is being used as it should be, but that is because
of what is being done with it, not because of the application itself.
When it comes down to it, IT support and proper usage is a matter of
integrety more than anything else.
>
>If you have any questions about this or any other AUP matter, please
feel free to call me and I will be happy to answer any questions you
might have.
>
>~~~~~~~~~~~~~~
>Randall J. Hall
>MSU Network Acceptable Use Compliance
>Academic Computing and Network Services
>409 Computer Center
>Michigan State University
>East Lansing, MI 48824
>(517) 432-5340
><mailto:[log in to unmask]>[log in to unmask]
>
>
>From: MSU Network Administrators Group [mailto:[log in to unmask]] On
Behalf Of Peter Cole
>Sent: Wednesday, March 30, 2005 9:29 AM
>To: [log in to unmask]
>Subject: Re: [MSUNAG] Virtual Network Computing
>
>What happens if we wish to write a departmental AUP of sorts? Well,
more like a signed "computer support agreement" between the user and the
IT staffed that, for example, stated (paraphrased), "I the user give the
IT staff of Department X permission to view any and all system logs at
their leisure." Would this written and signed permission then satisfy
the AUP requirements?
>
>- Peter
--Chris
==============================================
Chris Wolf Computer Service Manager
Agricultural Economics [log in to unmask]
Michigan State University 517 353-5017
|