Appropriate Use policy to be reviewed by administration
October 8, 2015
A revised policy on appropriate use of the NIU Network will be submitted to the president’s cabinet for final review in January.
The Division of Information Technology has been working for more than a year to revise the Appropriate Use policy, formerly known as the Acceptable Use policy, after backlash from an incident two summers ago involving a student who was allegedly denied access to a Wikipedia page. Drew Bjerken, chief information security officer, and Chief Information Officer Brett Coryell asked for input from University Council at Wednesday’s meeting.
“The overall intent of the policy is really to protect students, faculty and staff,” Bjerken said.
Coryell and Bjerken presented a new flow chart with accountability measures for information security at Wednesday’s meeting. Bjerken said anyone looking at files, emails or conducting any type of investigation always needs to have a valid reason to be viewing that information, including members of the IT department.
“We don’t want people to think we’re just fishing looking for bad things going on,” Bjerken said.
Coryell said the new accountability flowchart is a first attempt at helping individuals ensure they’re receiving fair and equal treatment in security or information sharing processes.
“We’ve been operating in an environment … where much of what we do isn’t properly documented,” Coryell said. “This may not even be the final, but it’s the beginning of writing this very helpful process of saying it’s documented. We can train people on it, we can refer to it … and ultimately therefore, we’re accountable to the university community for behaving in a rational, transparent, consistent and logical way.”
Coryell said having two devices won’t necessarily help an individual be more protected from having to disclose something they’re not comfortable with. Bjerken said individuals who receive stipends for their cell phones are still subject to FOIA requests.
“If anybody has a reason to believe something that’s related to work, … phone calls, text messages … they can FOIA or try to subpoena the information off of your personal device,” Coryell said.
Coryell said following the incorporation of input from University Council members, the policy will be submitted to the president’s cabinet for final review. Following that, an effective date for the new policy to begin will be chosen and announced.
“I hope it’s no later than Jan. 1,” Coryell said.