The key here, Chris is that you are speaking of a draft document which is
not yet an "administrative ruling" or policy. If that document were to
become "policy", then that is what we would need to live by. But at the
moment it is just "ideas". Now... there IS a part of our current AUP that
states (under part III):
"2. Because computing systems at MSU serve diverse purposes and diverse
constituencies, System Sponsors are accorded wide discretion in establishing
reasonable and appropriate policies applicable to their systems. (For
example, some System Sponsors, to achieve their particular goals, may permit
or encourage the playing of computer games. On other systems, System
Sponsors may legitimately prohibit game-playing in order to conserve scarce
resources.) The effectiveness of such policies depends substantially on
their systematic communication to Users, typically at the time usage
authorization is first granted by the System Manager or by Facility Staff."
This, however, does not give IT staff the right to go out and make everyone
agree to a doc that would make us all "network Nazis", pardon the vernacular
and no offense is meant to those with a pro-Nazi viewpoint ;-). However, we
cannot usurp the rights of faculty that ARE system owners even though they
may be part of our department and we cannot take away certain basic rights
such as that to privacy and free speech. What it does say however, is that
what may be prohibited in some places (ie: chat or computer games) may be
encouraged in other places by unit policies. Prohibiting certain behaviors
as contrary to business need by departmental policy is one thing, usurping
the authority of the Vice Provost and the AUP is entirely another.
Let me give you an example an office environment may have a policy that bans
chat during business hours and that is perfectly acceptable, BUT they cannot
go through the user's logs, temp files, etc to see if the person had been
chatting or not without the user's permission, a subpoena or the permission
of the Vice Provost. It just cannot be done under our current AUP. On the
other hand, under the part of the AUP quoted above, another department
(perhaps consulting) may actually encourage chat so that the technology
might be learned, understood and utilized.
This is my "official" position under our current AUP which may or may not
reflect any personal views I have on the matter.
~~~~~~~~~~~~~~
Randall J. Hall
MSU Network Acceptable Use Policy Compliance
409 Computer Center
Michigan State University
East Lansing, MI 48824
(517) 432-5340
[log in to unmask]
-----Original Message-----
From: MSU Network Administrators Group [mailto:[log in to unmask]] On
Behalf Of Chris Wolf
Sent: Wednesday, March 30, 2005 1:10 PM
To: [log in to unmask]
Subject: Re: [MSUNAG] AUP
At 10:39 AM 3/30/2005, Randall J. Hall wrote:
>A department really has no authority to write their own �AUP� and neither
would the type of agreement proposed below be appropriate.
What you are saying contradicts the discussion here several years ago and
also contradicts the draft document
http://www.msu.edu/~ncc/Documents/SysOp/SysopD10.pdf It specifically says
that each system may have its own AUP, which may provide fewer privacy
rights to users of that system than would be provided by the University AUP.
My understanding is that the type of agreement proposed below would be
entirely acceptable. The only requirement is that it be "aggressively
advertised to users of the system".
>In the case that a user is having problems with their machine, they may
give permission for you to access appropriate logs, settings, etc; however,
browsing through their private files, emails, etc is strictly prohibited and
would be a violation of the AUP. It is, however, very appropriate for a
department (or other unit) to issue a statement of policy concerning
compliance with the AUP. For instance, a departmental chair (as the local
system sponsor) may ban office personnel from using �chat� during business
hours, because they are chatting rather than doing their jobs. That doesn�t
mean, however, that the IT staff can go in and search folders to see if a
user has inappropriate files without proper authorization.
>
>There may be certain specifications (for business reasons) put on office
computers, for example it may be required that each computer have an
antivirus program set to automatically update, have a firewall in place, be
set for an automatic Windows update, etc. In the case of faculty computers
however, it is very likely that the faculty member is the system sponsor
(ie: purchased their computer from grant money, etc) in which case they hold
that particular authority, not the department. That faculty member may
request that their computer be set up to be accessed remotely or they may be
asked if they will allow it, but it is inappropriate for IT to force the
matter on them. Guidelines and/or suggestions, will go a long ways toward
remedying this situation.
>
>As far as desktop administration software, it does have legitimate uses and
in and of itself is not a violation of the AUP. In many cases, I don�t think
that it is being used as it should be, but that is because of what is being
done with it, not because of the application itself. When it comes down to
it, IT support and proper usage is a matter of integrety more than anything
else.
>
>If you have any questions about this or any other AUP matter, please feel
free to call me and I will be happy to answer any questions you might have.
>
>~~~~~~~~~~~~~~
>Randall J. Hall
>MSU Network Acceptable Use Compliance
>Academic Computing and Network Services
>409 Computer Center
>Michigan State University
>East Lansing, MI 48824
>(517) 432-5340
><mailto:[log in to unmask]>[log in to unmask]
>
>
>From: MSU Network Administrators Group [mailto:[log in to unmask]] On
Behalf Of Peter Cole
>Sent: Wednesday, March 30, 2005 9:29 AM
>To: [log in to unmask]
>Subject: Re: [MSUNAG] Virtual Network Computing
>
>What happens if we wish to write a departmental AUP of sorts? Well, more
like a signed "computer support agreement" between the user and the IT
staffed that, for example, stated (paraphrased), "I the user give the IT
staff of Department X permission to view any and all system logs at their
leisure." Would this written and signed permission then satisfy the AUP
requirements?
>
>- Peter
--Chris
==============================================
Chris Wolf Computer Service Manager
Agricultural Economics [log in to unmask]
Michigan State University 517 353-5017
