ACCEPTABLE USE POLICY EMAIL

Abstract:  Jackson State University’s (“JSU” or “University”) Department of Information Technology (“DIT”) intention for publishing this Acceptable Use Policy Email policy is to ensure the protection and integrity of the University’s email system and to inform users of the importance of adherence to the guidelines provided herein. Policy Number: 50000.004 Effective Date: 2/13/2019 Review/Revised Date: 4/20/2023 Category: Information Technology Policy Owner: CIO/Information Technology Policy Contact: CISO/Information Technology

Policy Statement

The policy has been customized to accommodate the incorporation of Google Apps for Your Domain (“GAFYD”) Edu Version and their email service to the Jackson State University (“JSU” or “University”) Division of Information Technology (“DIT”) infrastructure. Therefore, Google’s Terms of Service (“TOS”) are also included in this document via this link:

https://www.google.com/apps/intl/en/terms/education_terms.html.

Although Google’s TOS are included in this document for the user’s convenience, JSU does not incorporate, adopt, or necessarily agree to those terms by virtue of this policy. If any of the TOS provided via the link above is amended and in conflict with the terms of this policy, then the terms of this policy shall have priority over any conflicting terms. Additionally, any provision not permitted by Mississippi law will be considered void.

Note: All data and information created, transmitted, or stored via the JSU email systems (hosted internally or otherwise) are JSU property. Consequently, the University has taken reasonable precautions to prevent unlawful third party access to these data.

Purpose

Email is one of the primary modes of communication within JSU, as such, the University provides email resources to support its work and mission. However, misuse and inappropriate usage can cause damage to the email system and pose legal, privacy and security risks. Thus, the purpose of this policy is to ensure the protection and integrity of the University’s email system and to inform users of the importance of adherence to the guidelines provided herein.

 

Definitions

• As used in this policy:
  • “Data” – Includes University, student, alumni, faculty and staff data.
  • “Email” – Electronic messages distributed via a computer networks to one or more recipient.
  • “Employee” – Includes JSU faculty, staff, contractors, consultants and agents.
  • “FERPA”- Family Educational Rights and Privacy Act.
  • “Information” – Includes University, student, faculty and staff information.
  • “Student” – anyone enrolled and registered for classes at JSU.
  • “Users” – Means users of Jackson State University email system and electronic communication resources.

 

Employee Adherence

This policy provides guidelines on appropriate usage of the University’s email and applies to all JSU employees, students, alumni contractors, consultants and individuals using communication technologies to transmit information or data via the JSU email system or computer network. It covers software platforms, and computing devices; there is no distinction between use of JSU email on your personal device or on a JSU computing device. The scope of this policy includes, (a) privacy and confidentiality, (b) email address format, (c) email usage, (d) account creation/deactivation, (e) technical support, (f) university access and disclosure and (g) monitoring of communication disclosure.

 

Policy

Privacy and Confidentiality

JSU and Google will make reasonable efforts to maintain the integrity and effective operation of its email systems, but users are advised that those systems should in no way be regarded as a secure medium for the communication of sensitive or confidential information. Due to the inherent security limitations of electronic communications, the University cannot assure the privacy of individual user’s email resources nor the confidentiality of messages that may be created, transmitted, received, or stored.

Unlike a personal Google Gmail account, Google Apps for Education does not display advertisements within applications, and as such Google does not view the contents of email messages, calendar appointments, documents or any other data associated with any other Google application.

 

Email Address Format

• Employee email account uses the format j-number@jsums.edu, email address will have the format firstname.mi.lastname@jsums.edu or firstname.lastname@jsums.edu for users with no middle initial. Student account takes the form j-number@students.jsums.edu email address will follow the same format mentioned above, followed by the respective domain names firstname.mi.lastname@students.jsums.edu or firstname.lastname@students.jsums.edu Alumni account will be j-number@alumni.jsums.edu and alumni email address is firstname.mi.lastname@alumni.jsums.edu or firstname.lastname@alumni.jsums.edu if no middle initial.
• In the case of email address conflicts, were two different users have the same exact name in the same domain, this will be resolved by appending digits at the end of the user’s name. (e.g., john.doe@jsums.edu and john.doe@jsums.edu), then, using a “first-come first-served” approach, email address will be john.doe@jsums.edu and john.doe1@jsums.edu respectively.
• Department, University unit and organization will use service account, e.g., s000123456@jsums.edu. As such, the email address will have the name or acronym of the requesting unit followed by @jsums.edu. For example, physics@jsums.edu or isi@jsums.edu, or as requested by the unit’s head/supervisor (Dean, V.P., Chair, etc.).
• Users will login with JSU j-number, University units or organization will login with service account s-number e.g., j000123456@jsums.edu, j000123456@students.jsums.edu j000123456@alumni.jsums.edu, or s000123456@jsums.edu and password respectively.
• Default password is set to the user’s date of birth (mmddyyyy), e.g., 05251985. Departments and University units with service accounts (e.g. s000123456@jsums.edu) will contact email support for password.

 

Email Usage

Acceptable Use of Email

• Only University faculty, staff, students, alumni and other internal or external persons or organizations who have received email accounts through the Division of Information Technology (DIT) are authorized users of the University’s email systems and resources.
• JSU will use the email provided to users as an official means of communication; e.g., between faculty and students or between supervisor and employee.
• JSU email account should be used for all official email correspondence and communication. Employees must ensure to use their @jsums.edu email account for all University business, including receiving and responding to emails.
• University email systems and resources should be used primarily for JSU business-related purposes. Limited or occasional personal unofficial email communication is permitted provided it is lawful and bears no cost to JSU.
• Email usage must be consistent with University policies and procedures of ethical conduct, safety, and compliance with applicable laws and proper business practices.
• Authorized Users are allotted as much space as Gmail/Google and/or JSU DIT deems necessary; currently, twenty-five (25) gigabytes (GB) is allotted per account. (Please, note that as of the date of this policy review, January, 2016, Google does not provide backup for users’ data; therefore, the user has the ultimate responsibility for preserving his/her data.) Email attachments are limited to 25MB for the entire message (including message and attachment), both sending and receiving. No exceptions will be made.
• It is the responsibility of the user to ensure that email messages and/or attachments sent or received are secure.

Prohibited Use of Email

• The University email system shall not to be used for the creation or distribution of any disruptive or offensive messages, including offensive comments about race, gender, hair color, disabilities, age, sexual orientation, pornography, religious beliefs and practice, political beliefs, or national origin. Employees who receive any emails with this content from any University employee should report the matter to their supervisor immediately.
• Users are prohibited from forwarding JSU business email outside of JSU email system. If the user forwards emails, such message should not contain University data or information.
• Users are prohibited from using third-party or personal email systems and storage servers such as Yahoo, MSN Hotmail, and Dropbox etc. to conduct University business or store JSU data or information.
• Personal use that creates a direct cost to the University is prohibited.
• Using email resources for personal monetary gain or for commercial purposes that are not directly related to University business is prohibited.
• Sending or receiving copies of documents or files that constitute plagiarism in violation of copyright laws is prohibited.
• Use of email to harass or intimidate others or to interfere with the ability of others to conduct University business.
• “Spoofing,” i.e., constructing an email communication so it appears to be from someone else in an attempt to misrepresent or hide identity is prohibited.
• Attempting unauthorized access to email by attempting to breach and subvert security measures on JSU email system, or attempting to intercept any email transmissions without proper authorization is prohibited.
• Creating or forwarding of chain letters requesting users to forward message or other pyramid schemes of any type is prohibited.
• Running a spambot using JSU email account or resources in an attempt to send messages to large number of users or newsgroup is prohibited.
• Posting messages using groups account or listserv to JSU community without prior and adequate approval is prohibited.
• Use of employee email once it has been deactivated is prohibited. Faculty/Staff that are no longer employed with the university but still maintain a student status must use their student email account.
• Sending malicious messages with attachments containing viruses or malware is prohibited.

Account Creation/Deactivation

 Unless denied within the University’s discretion, accounts will be created for:

• Admitted Students for active school terms.
• Currently employed Faculty.
• Currently employed Staff.
• Currently employed Administration.
• Internal and external entities or personnel as deemed necessary and with prior request to and approval by JSU DIT.

 

Accounts will be deactivated per the type of account and the appropriate event:

• JSU student email accounts are suspended 60 days after graduation.
• Faculty, Staff, and Administration accounts will be deactivated immediately at resignation or termination as deemed necessary by their supervisors, Human Resources or DIT.
• External entity or personnel accounts will be deactivated at expiration date (determined at account creation).

Technical Support

• The University will provide technical support for issues on JSU email accounts only. No personal accounts such as user@yahoo.com, user@gmail.com, etc. will be provided with support.
• The University will not provide email technical support for issues involving personal devices; e.g., cell phones, laptops.

Access and Communication Monitoring Disclosure

General Provisions

• Users shall have no expectation of privacy in data, files, software programs, information or any digital material stored, sent or received on JSU email system.
• To the extent permitted by law, the University reserves the right to access and disclose the contents of faculty, staff, students’, and other users’ email without the consent of the user. The University will do so when it believes it has a legitimate business need including, but not limited to, investigation triggered by indications of misconduct or misuse, as needed to protect health and safety, as needed to prevent interference with the academic mission, or as needed to locate substantive information required for University business that is not more readily available by some other means.
•  Faculty, staff, and other non-student users are advised that the University’s email systems should be treated like a shared filing system, i.e., with the expectation that communications sent or received on University business or with the use of University resources may be made available for review by any authorized University official for purposes related to University business.
• Email of students may constitute “education records” subject to the provisions of the federal statute known as the Family Educational Rights and Privacy Act of 1974 (FERPA). The University may access, inspect, and disclose such records under conditions that are set forth in the statute.
• Any user of the University’s email system and resources utilizing an encryption device to restrict or inhibit access to his or her email must provide access to such encrypted communications when requested to do so under appropriate University authority.

Policy Compliance

Compliance Measurement

The Information Technology team may be required to enforce compliance to this policy through various methods, including but not limited to, monitoring, Information Technology reporting tools, and internal or external audits.

Exceptions

The CIO, Email Administrator and Security team must approve any exception to the policy in advance.

Non-Compliance/Disciplinary Action

An employee found to have violated this policy might be subject to disciplinary action, which may include suspension of email access privileges and up to termination of employment.

 

Related Standards, Policies, and Processes

• Acceptable Use Policy
• JSU Staff Handbook