General User Policy



    Acceptable Use Policy Turquoise Trail Charter School (TTCS)

     

    1. Introduction

     

    This Acceptable Use Policy (AUP) for IT Systems is designed to protect TTCS, our employees, students and other partners from harm caused by the misuse of our IT systems and our data. Misuse includes both deliberate and inadvertent actions.

     

    The repercussions of misuse of our systems can be severe. Potential damage includes, but is not limited to, malware infection (e.g. computer viruses), legal and financial penalties for data leakage, and lost productivity resulting from network downtime.

     

    Everyone who works at TTCS is responsible for the security of our IT systems and the data on them. As such, all employees must ensure they adhere to the guidelines in this policy at all times.  Should any employee be unclear on the policy or how it impacts their role they should speak to the Principal or IT staff.

     

    2. Definitions

     

    “Users” are everyone who has access to any of TTC’s IT systems. This includes permanent employees and also temporary employees, contractors, agencies, consultants, suppliers, customers and business partners.

     

    “Systems” means all IT equipment that connects to the school network or access school applications. This includes, but is not limited to, desktop computers, laptops, smartphones, tablets, printers, data and voice networks, networked devices, software, electronically-stored data, portable data storage devices, third party networking services, telephone handsets, video conferencing systems, and all other similar items commonly understood to be covered by this term.

     

     

     

    3. Scope

     

    This is a universal policy that applies to all Users and all Systems. For some Users and/or some Systems a more specific policy exists: in such cases the more specific policy has precedence in areas where they conflict, but otherwise both policies apply on all other points.

    This policy covers only internal use of TTCS’s systems, and does not cover use of our products or services by customers or other third parties.

    Some aspects of this policy affect areas governed by local legislation in certain countries (e.g., employee privacy laws): in such cases the need for local legal compliance has clear precedence over this policy within the bounds of that jurisdiction. In such cases local teams should develop and issue users with a clarification of how the policy applies locally.

    Staff members at TTCS who monitor and enforce compliance with this policy are responsible for ensuring that they remain compliant with relevant local legislation at all times.

    4. Use of IT Systems

     

    All data stored on TTCS’s systems is the property of TTCS.

    Users who have been charged with the management of those systems are responsible for ensuring that they are at all times properly protected against known threats and vulnerabilities as far as is reasonably practicable and compatible with the designated purpose of those systems.

    Users must at all times guard against the risk of malware (e.g., viruses, spyware, Trojan horses, rootkits, worms, backdoors) being imported into TTCS’s systems by whatever means and must report any actual or suspected malware infection immediately.

    6. Unacceptable Use

     

    All employees should use their own judgment regarding what is unacceptable use of TTCS’s systems. The activities below are provided as examples of unacceptable use, however it is not exhaustive. Should an employee need to contravene these guidelines in order to perform their role, they should consult with and obtain approval from the principal or business mangager before proceeding.

                        All illegal activities. These include theft, computer hacking, malware distribution, contravening copyrights and patents, and using illegal or unlicensed software or services.  These also include activities that contravene data protection regulations.


                        All activities detrimental to the success of TTCS.  These include sharing sensitive information outside the company, such as personal information of students, as well as defamation of TTCS.


                        All activities for personal benefit only that have a negative impact on the day-to-day functioning of the school. These include activities that slow down the computer network (e.g., streaming video, playing networked video games).


                        All activities that are inappropriate for TTCS to be associated with and/or are detrimental to the company’s reputation. This includes pornography, gambling, inciting hate, bullying and harassment. 


                        Circumventing the IT security systems and protocols which TTCS has put in place.

     

    7. Enforcement

     

    TTCS will not tolerate any misuse of its systems and will discipline anyone found to have contravened the policy, including not exercising reasonable judgment regarding acceptable use. While each situation will be judged on a case-by-case basis, employees should be aware that consequences may include the termination of their employment.

     

    Use of any of TTCS’s resources for any illegal activity will usually be grounds for summary dismissal, and TTCS will not hesitate to cooperate with any criminal investigation and prosecution that may result from such activity.