Purpose

To provide reliable and secure computer resources and to protect against breach of confidentiality, damage to company reputation, lost productivity, legal liability, damage to IT systems and electronic files and increased network traffic in the VMRF Core Domain Network.

Overview:

VMRF employees are responsible for appropriate use of their computers and VMRF Network resources. VMRF expects these individuals to be careful, honest, and responsible in the use of VMRF computer and network systems. This policy includes all VMRF locations and client locations at which any employee may be working.

Application:

Use of Computer Facilities

The use of VMRF computing resources is for purposes related to VMRF's mission of promoting biomedical and health services research by VA staff through comprehensive research resource management.
Users are entitled to use VMRF computing resources for purposes related to their official duties and business as VMRF employees.
User Responsibilities

1. Individuals assume personal responsibility for the use of their accounts.

Consequently, users may not disclose their passwords or otherwise make VMRF's facilities available to unauthorized individuals (including family or friends). Users are responsible for maintaining the security of their accounts. This includes, but is not limited to locking their workstations when leaving their desks for lunch or breaks and logging off the system when leaving for the night.

2. The possession or collection of passwords, or other secure identification information belonging to other VMRF employees or other VMRF web users is prohibited.

3. Computer facilities have tangible value. Consequently, attempts to circumvent accounting systems or to use the computer accounts of others will be treated as forms of attempted theft.

4. Users may not copy, publish, store or transmit data when doing so would constitute a violation of copyright. Users who are in any doubt as to the copyright status of data they wish to store or send should contact the VMRF core office for help in determining the legality of their planned use of the data.

5. Users are prohibited from downloading, installing, storing or using unlicensed software on VMRF computers. Transmission of such software over either the VMRF or UCSD University network is prohibited.

6. The introduction of data or programs which in some way endangers computing resources or the information of other users (e.g., a computer worm, virus, or other destructive program), or which infringes upon the rights of other VMRF users (e.g., inappropriate, obscene, pornographic, or abusive materials) is prohibited. If an employee inadvertently introduces a virus or other harmful program to the VMRF network, the employee MUST notify IT immediately.

7. Recognizing that computers and networks are limited resources, users must use them efficiently. For example, users should not run streaming audio or video from the Internet or use the VMRF printing services for personal use, as actions such as these take up valuable network resources.

8. Individuals may not attempt to circumvent security systems or to exploit or probe for security holes in any VMRF or UCSD network or system, nor may individuals attempt any such activity against other systems accessed through VMRF's facilities. Execution of programs designed to breach system security is prohibited.

9. The redistribution of information from VMRF files or directories (printed or electronic) to unauthorized third parties is prohibited.

10. Use of any VMRF owned computer or network for private, commercial, non-VMRF business purposes without authorization from the employee's direct supervisor is a violation of these computer use procedures.

VMRF is entitled to remove from any VMRF computing resource data and/or programs that are found to be inappropriate, as defined above.

Any user who violates the policies outlined above may be subject to disciplinary action, including, but not limited to, suspension or termination.

VMRF employees are expected to abide by the rules and procedures outlined in this document and to contact their immediate supervisor or VMRF Human Resources prior to any activity that would appear to violate any of the above procedures. Failure to do so may result in disciplinary action.

VMRF employees are expected to follow all guidelines stated above. Any actions that might harm the computer equipment or software, or impair its effective use, or show disregard for following proper procedures implemented for network access may lead to disciplinary action, including, but not limited to, suspension or termination.

Approved by the VMRF Board of Directors: 11/05/03