The following policies/guidelines apply to staff use of Libraries workstations (including laptops and notebooks), software, network space, and related technology.
Libraries employees must comply with all University policies relating to the use of software, hardware, and the University network. Policies are available in GURU (General University Reference Utility). The most important University policies for this topic, along with selected text, are referenced below:
- Policy FN14, Use of University Tangible Assets, Equipment, Supplies and Services: "All tangible assets (including equipment, software, audio-visual material, theatrical costumes, etc.) owned, leased or operated by the University are to be used in the conduct of University programs and activities at University owned or leased locations. ...University tangible assets and services may not be used for personal gain, by employees for purposes outside the scope of their employment (see also Policy HR35,) or by students beyond their instructional requirements.
- Policy AD20: Computer and Network Security: "University Computer and Network Resources may be accessed or used only by individuals authorized by the University. Issuance of an account to a system user must be approved by an authorized University representative, as designated in University Policies AD20, AD23, and Administrative Guidelines ADG01 and ADG02. Any computer, computer system, or network or device physically connected to or accessing University Computer and Network Resources will be subject to and must comply with the University's Administrative Guideline ADG02: "Computer Facility Security."
- Password Policy Statement for Access Accounts. Penn State Access Account owners are expected to:
- Comply with University Policy AD20: Computer and Network Security.
- Create a strong password; see Password Creation Guidelines below.
- Change the password at least once a year, or more frequently as needed to maintain password security. Individuals are responsible for changing their password before it expires, to avoid disruption of access to Penn State services. See Password Expiration below for additional details.
- Safeguard the password. For example, individuals should not write down or store the password on paper or on a computer system where others might acquire it. See protect your password from misuse for additional guidelines.
- Never share the password, even with a best friend, roommate, or relative.
- Reserve the Penn State Access Account User ID and password for Penn State systems and services only. Individuals should create a different username and password for external services such as stores, banks, music services, Web sites, personally owned computers, or other systems.
- Appropriate Material for the Workplace.
No photographs or other content, including Internet downloads, that are inappropriate to the workplace should be retrieved, displayed or retained on Libraries workstations. ADG01, Glossary of Computer Data and System Terminology, includes harassment and obscenity within its definition of "abuse." AD20, System Users section, indicates that "Transmitting or making accessible offensive, obscene or harassing materials, and transmitting or making accessible chain letters, etc., are prohibited."
UNIVERSITY LIBRARIES POLICIES:
The desktop hardware, as well as any notebooks or laptops supplied by the Libraries, are provided at the discretion of the Libraries' Administration for work-related activities in the performance of your job. As a Libraries' employee, it is your responsibility to use these in a professional manner.
- The University Libraries will provide employees with hardware and a standardized suite of software for workstation productivity. PC is the supported platform. Exceptions must be approved by the Libraries' Administration.
- Staff members may be supplied with one workstation that will be upgraded/replaced periodically through the life cycle process. No more than one workstation per person will be made available without justification. In order to ensure that notebooks which are purchased through cost centers and are not part of the regular equipment life cycle meet security guidelines, they must be replaced on a regular basis just like life-cycled equipment. Replacements for notebooks purchased through cost centers are budgeted within the department.
- UL-IT03 - Workstation Policy and Procedural Guidelines for Libraries' Employees" governs the disposition of equipment and software assigned to employees who retire or terminate from the University Libraries.
- Hardware components should all be Libraries-supplied. This includes special mice, ergonomic devices, screen shades, keyboards, etc. No components should be moved from one machine to another since it compromises the Libraries ability to maintain an accurate inventory.
- Server software is not to be run on individually assigned machines.
- Avoid using screen savers other than those provided with your operating system, or those you have developed yourself through an approved process. Downloaded screen savers may carry viruses or interfere with other processes of the operating system.
- Commercial software, where work-related and appropriate to the overall hardware/software platform, can be requested as a cost center purchase. Appropriate licenses, inventory, and upgrade/maintenance issues can then be monitored for everyone by I-Tech. Current information on Libraries standard and non-standard software is available here (staff only). Privately owned software should not be loaded on Libraries' workstations since it may interfere with performance and cannot be serviced by DLT personnel. Software needed for the job will be purchased and maintained by the Libraries. One permitted exception is personal PDA/Palm device hardware software, which the PDA owner supplies.
- Loading of sequential copies of any free trials designed for temporary evaluation use is not permitted, unless the company providing the software specifically agrees to this practice. Licensed copies should be purchased if needed for the job.
- Work or files related to an employee's own personal commercial enterprise or business shall not be transferred over the University's network or appear on a Libraries' machine.
- Thunderbird is the mail product used by the Libraries. [See Email policies and etiquette issues for detailed information on mail.] Please do not ask for helpdesk assistance for personal accounts such as gmail, AOL, etc.
- The staff of DLT does not monitor machine content but if technicians notice any potential violations in the course of normal operations, they will report to the DLT Director of Digital Library Infrastructure who will contact the Libraries' Administration. In extreme cases, the entire workstation may be removed intact from the work space to a secure location as directed by Libraries' Administration.
- Digital Library Technologies is the official security representative to the University for the Libraries.
Other Policies in this manual should also be referenced, especially the following:
UL-IT01 – Computer, Network, and E-Mail Account Authorization Process for Library Employees
UL-IT03 – Workstation Policy and Procedural Guidelines for Libraries' Employees
UL-IT04 – Email
Guideline UL-ITG01 – Suggestions for Effective Use of Libraries Staff Workstations and the Network
Guideline UL-ITG03 – Requesting the Purchase of Nonstandard Software
Also reference University Policy FN14, Use of University Tangible Assets, Equipment, Supplies and Services.
Effective Date: March 2003
Date Approved: March 10, 2003 (Dean's Library Council)
Revision History (and effective dates):
- November 2007 – Revised policy
- March 10, 2003 – New policy
Last Review Date: November 2007