I am about to start putting together a AUP for us as sysadmins, should have been done a long time ago but hasn't. Does anyone have a referance one I could take a look at?
Found this one which looks ok:
Computer systems and network administrators (SNAs), by the nature of their work, have privileges and responsibilities that other users of technology generally do not have. Without system privileges, SNAs would not be able to do their jobs. The use of these privileges must be wise and thoughtful. These guidelines were developed to articulate responsibilities SNAs have in addition to those outlined in University's Computer Systems Acceptable Use Policy and the Procedures in Support of the Acceptable Use Policy.
1.SNAs are bound by the Computer Systems Acceptable Use Policy. Further, SNAs have a responsibility to educate their users about the Policy.
2.All SNAs have an additional responsibility to assure the operation, security and integrity of Georgetown University's computers, networks, and data.
3.Consistent with the other obligations imposed on them under the Computer Systems Acceptable Use Policy, other applicable University policies, and the law, SNAs will treat as confidential any private and/or confidential information obtained during system administration. The policy on Confidential Information, #403, published in the Human Resources Manual also applies.
4.SNAs must not disclose privileged and confidential information about Georgetown University's systems or any other information that could prove detrimental to operations or compromise system security.
5.It is against University policy for an SNA to read a user's files. However, SNAs, in the course of routine system administration, may need to delete or archive user files or messages. In order to do this, SNAs must first promulgate a clear policy to the users describing how and when delete or archive actions will be taken. These policies may vary by department. This section does not, however, grant SNAs authority to read user files or messages during routine system administration.
6.When reacting to or preventing actions by users that may violate the Computer Systems Acceptable Use Policy or other actions by users that may have significantly detrimental effects on system or network operation, SNAs may need to read, modify or delete user files or messages.
7.Each SNA will take all practical measures to ensure that all hardware and software license agreements are faithfully executed on all systems, networks, servers, and computers for which he or she has responsibility.
Violations of this policy will be handled following the administrative and disciplinary processes outlined in the applicable operating policies and procedures of the University.
Nice to see that Georgetown have taken it seriously enough to actually write one! Good practice that should certainly be spread around I think.
There are currently 1 users browsing this thread. (0 members and 1 guests)