The University of Gloucestershire is committed to providing a safe and secure environment for technology use while ensuring freedom from harassment and discrimination. This policy requires all users to follow rules when using university IT resources, and it will be enforced to protect individuals and the university. All users must agree with this policy to access and use IT systems.
Aim, purpose and scope
The IT Acceptable Use Policy sets rules for using the University’s IT systems to safeguard data, system integrity, security, and user safety. It applies to all users.
Type of policy
User Policy
Related policies
This policy should be utilised in conjunction with the referenced policies below.
Agile Working Framework (staff only) – available on Sharepoint
Staff only
Acceptable Use Policy (AUP)
The following statements encompass all facets of general IT usage, including but not limited to Internet, email, user accounts, networks, and Wi-Fi.
I agree not to:
Create, download, store, or transmit unlawful, indecent, offensive, defamatory, threatening, discriminatory, or extremist material. The University reserves the right to block, monitor, report, and investigate access to such material.
Download or distribute copyrighted material without proper authorization.
Share User ID, Password, or University ID Card, nor inform others of their User ID or Password.
Delete, examine, copy, or modify files and/or data belonging to other users or the University without prior consent.
Install or attempt to install unlicensed or personally licenced software on a machine. All software on UoG devices should be managed and paid for by the University.
Attempt to crash or hack University systems or programs.
Access data from university systems without following the appropriate procedure/process.
Deliberately impede other users through mass consumption of system resources this includes using unnecessary bandwidth that may affect network performance for others.
Take any unauthorized or deliberate action that damages or disrupts an IT system, alters its normal performance, or causes it to malfunction.
Attempt to gain unauthorized access to university systems from remote systems.
Secure a level or privilege on university systems higher than authorized.
Introduce computer viruses or other disruptive/destructive programs into the University systems or external networks.
Transfer any information using personal or University equipment that contains content deemed illegal under UK law.
Compromise the University’s systems by exposing them to the risk of virus infections, hacking, or other unauthorized access attempts.
Engage in any online activity using university systems or devices that may compromise professional responsibilities.
Forge or attempt to forge email messages.
Attempt to read, delete, copy, or modify email directed to other users without prior consent.
Send harassing, obscene, and/or threatening email to another user.
Send ‘for-profit’ messages or chain letters.
Open email attachments from unknown or untrusted sources due to the risk of viruses or other harmful programs.
I agree to:
Take precautions to protect sensitive information. Unauthorised access, retrieval, or disclosure of confidential data is strictly prohibited.
Exercise caution when receiving emails from unknown sources. Do not click on suspicious links or provide personal information in response to emails.
Create strong passwords and update them regularly. Sharing passwords is strictly prohibited.
Enable and use MFA (when applicable) as standard when accessing all IT systems to add an additional layer of security.
Immediately report any illegal, inappropriate, or harmful material or incidents to the appropriate person.
Communicate with others in a professional manner, avoiding aggressive or inappropriate language and respecting differing opinions.
Carefully consider any image or comment uploaded, shared, or reposted on social media to maintain the safety and reputation of the University.
Follow BYOD policy rules when using personal handheld or external devices, ensuring compliance with university rules and the use of up-to-date anti virus software.
Not use removable media such as flash drives without express permission from Head of IT. If permitted, the media must be checked using antivirus software and encrypted.
Lock my computer when not in use.
Only share personal information securely, encrypting any transferred data outside the university network.
Follow the data protection policy and keep personal data private and confidential unless required by law or university policy to disclose such information.
Engage with all IT Security training and fulfil the obligation to complete it.
When using social media sites, I will not:
reveal confidential information about others or the university.
use it in any way to attack, abuse, post defamatory, derogatory, or offensive comments about others or the University.
Agreement statement
By agreeing to this policy, I understand that:
The university will actively monitor network traffic, internet usage, user accounts, and has the right to report and investigate any suspicious behaviour or access to inappropriate material internally or to the appropriate authorities.
I am responsible for all activities conducted under my account, and sharing login credentials is prohibited.
Any violation or attempted violation of this policy may lead to temporary or permanent exclusion from the University systems and services.
I accept full responsibility for adhering to this policy and the relevant policies listed above as applicable.
It’s the user’s responsibility, not the University’s, to back up any local files not held on the University’s file shares or Microsoft OneDrive.
I will not use University equipment for excessive personal use. For staff members please refer to the insignificant personal use agreement found on Staffnet.
Access to the university network is a privilege, and users must not attempt to bypass network security measures.
I understand I must follow the rules and/or guidance to ensure no risk to my safety or to the safety and security of the University’s IT systems.
I have a duty to report any breaches of this policy to the IT team as soon as possible.
I have read and understood all the related policies that are relevant to me.
; ?> "Visit the homepage"){kind=logo}