Course Catalog

Administrative Guideline 1102

Policies & Procedures
Administrative Guidelines
Student Code of Conduct
Student Handbook
Consumer Information

Administrative Guideline 1102

Adopted: December 5, 2014

ADMINISTRATIVE GUIDELINE TYPE: Information Technology Services (ITS)
ADMINISTRATIVE GUIDELINE TITLE: Personally Owned Device (POD) Bring Your Own Device (BYOD) 
DEPARTMENT RESPONSIBLE: Information Technology Services (ITS) 
GUIDELINE STATEMENT OF PURPOSE: Personally Owned Device (POD) Bring Your Own Device (BYOD)

I. Statement of Purpose

Southeastern Community College (SCC) grants its employees the privilege of using personally owned
devices (POD) to connect to the College’s network and technical resources. This guideline outlines
employee and student responsibilities and provides important information that all users need to understand.

This guideline is intended to protect the security and integrity of SCC’s data and technical infrastructure. SCC reserves the right to revoke this privilege if users do not abide by the requirements outlined in this guideline.

SCC employees and students must agree to the terms and conditions set forth in this guideline in order to be able to connect their devices to the College’s network. In addition, each employee will be required to read, acknowledge and sign a waiver stating they understand this guideline before they connect personally owned devices (POD) to SCC’s technical resources. Students and guests will be required to read and accept the conditions of this guideline when accessing SCC’s guest wireless network.

II. Access as a Privilege

The use of SCC’s network and technical resources is a privilege, not a right. Any inappropriate use of said resources can result in the revocation of those privileges.

III. Users Governed

This guideline applies to any user who connects to the wired or wireless SCC networks with a POD.

IV. Personally Owned Devices (POD)

In general, any POD may be connected to the SCC network, provided its use does not disrupt any College system/service or violate SCC’s Administrative Guidelines. Examples include:

  1. Smartphones including Windows, iPhone and Android devices are supported in reference to their
    connectivity with SCC technical resources.
  2. Tablets/Laptops including Windows, iPads and Android devices are supported in reference to their
    connectivity with SCC technical resources.

V. ITS Support for Personally Owned Devices (POD)

Information Technology Services (ITS) will prioritize the support of SCC owned devices and production
information systems and provide only limited support for PODs. Limited support for PODs is defined as:

  1. Maintaining the availability of the SCC wireless networks.
  2. Additional POD support for the SCC network includes:
    1. Troubleshooting connectivity or authentication issues on POD.
    2. Configuration of POD for communication with SCC email system (e.g. Exchange ActiveSync).
    3. Providing software application support when reasonably possible as determined by ITS. Note: It is the responsibility of the device owner to have and provide authentic, individually owned and registered software before any assistance will be provided.
    4. Ensuring wireless network compatibility for officially supported device types as listed on the ITS website. ITS will strive to ensure compatibility for all major devices according to market share. Should you have any concerns regarding compatibility, please consult with ITS prior to purchasing any devices you intend to use on the SCC network.
  3. Examples of POD support not provided by ITS include, but are not limited to:
    1. Troubleshooting device performance or hardware problems.
    2. Troubleshooting software applications or cloud services aside from those provided by SCC or specifically required by College program.
    3. Installing OS upgrades, OS patches, or SCC owned software on POD.
    4. Backing up device data or migrating data to a new device.
    5. Removing malware or spyware.

VI. Responsibility of Users

  1. Abide by SCC’s Administrative Guidelines. (See Reference List)
  2. Under no circumstances should the user download or store “Confidential Data” on a POD. SCC’s
    “Confidential Data” is defined in Administrative Guideline 1114. Users agree to never access secure
    confidential data on a POD via any means including but not limited to: email, file shares, secure
    websites, Ellucian, screen sharing technologies, remote desktop, and virtual desktop technologies.
  3. User agrees that any POD accessing non-public data (Administrative Guideline 1114) will be used by the intended personnel and not shared with any other individuals. Any user accessing non-public data must have antivirus and antimalware technologies, secure passwords, full device encryption, and remote wipe technologies that are approved by the ITS department.
  4. If a user receives an email with confidential data, the file must not be downloaded and should be immediately deleted.
  5. Abide by the instructor’s syllabi and/or program handbook in reference to POD usage during scheduled classes and labs.
  6. Delete or return all data/applications belonging to SCC when 1) the relationship with SCC ends, 2) the POD is not needed to connect to SCC’s network or the user is no longer the primary user of the POD.
  7. Employees are responsible for securing their POD to prevent sensitive data from being lost or
    compromised, viruses being spread, and any other form of abuse.
  8. Notify ITS of any theft or loss of a POD containing data or software applications belonging to SCC.
  9. In order to prevent unauthorized access, PODs must be password protected using the features of the device and a strong password is required to access the company network. The POD must lock itself with a password or PIN if it’s idle for five minutes.
  10. Passwords to access PODs must be changed at the same interval that SCC requires password changes.
  11. Users should never use the same password on a POD that the individual is using for their SCC account password.
  12. Users will agree to install all patches that are available for their mobile device including the operating system and all installed software.
  13. The faculty or staff supervising the use of technical and network resources has the authority to enforce student adherence to this guideline. The supervising employee may issue a warning to users and should be considered as a guide to users to assist them in the correct use of SCC’s technical and network resources.

VII. Security and Privacy of Users

Currently, no Mobile Device Management (MDM) solution has been implemented for the SCC Guest or
SCC Wireless networks. However, SCC Information Technology reserves the right to implement such
restrictions or solutions.

ITS may perform security scans against any POD that accesses SCC networks in accordance to the
College’s Administrative Guidelines. ITS may, without notification, prevent or ban PODs which disrupt
any technical resource or are used in a manner which violates College guidelines.

VIII. Risks/Liabilities/Disclaimers

Employees/Students who elect to participate in BYOD accept the following risks, liabilities, and
disclaimers:

  1. College data communicated through a POD may be considered public record and subject to
    disclosure pursuant to applicable laws, court orders, or subpoenas, without the users consent.
  2. SCC reserves the right to disconnect PODs or disable services without notification.
  3. The employee/student is expected to use his or her POD in an ethical manner at all times and adhere to the SCC’s acceptable use administrative guideline 1101.
  4. The employee/student is personally liable for all costs associated with his or her POD including, but not limited to, PODs that are lost, stolen, or damaged.
  5. SCC does not accept liability for the maintenance, backup, or loss of data on a POD.
  6. The employee/student assumes full liability for risks including, but not limited to, the partial or
    complete loss of College and personal data due to an operating system crash, errors, bugs, viruses,
    malware, and/or other software or hardware failures, or programming errors that render the POD
    unusable.
  7. Employee/Student violating this guideline may be held personally responsible for resulting damages and civil or criminal charges. This would include, but is not limited to, applicable laws regarding data loss or breach notification.
  8. ITS provides only limited security for the SCC wireless networks and at no time does the College
    accept liability for the security of a POD.
  9. PODs may be subject to searches and investigations as a result of litigation. SCC will respect the
    privacy of your POD and will only request access to respond to legitimate discovery requests arising out of legal proceedings.

IX. Due Process

Activities which are criminal under federal, state, or local law will be reported to the appropriate
authorities. Criminal and non-criminal abuses of SCC’s technical and network resources may result in a
warning, suspension, or termination of privileges and possibly termination of employment and other
disciplinary actions.

Serious or repeated infractions of the college’s guideline may be referred to the appropriate Dean/Vice 
President for action under the college’s Judicial Codes and Appeals. Actions taken against offenders may include any sanctions listed in the Judicial Codes and Appeals including suspension or termination of computer and network privileges as well as possible expulsion from the College. 

X. Disclaimer

SCC shall not be held responsible for any illegal, negligent, or harmful actions as a result of inappropriate use of college internet, email, or network resources. In addition, SCC is not responsible for content downloaded from external web sites and networks.

SCC will not be responsible for any damages or loss of data experienced by those using computing
equipment, facilities, and network services.

XI. References

  1. Administrative Guideline 1101 - Employee/Student/Public Technology Usage Guideline
  2. Administrative Guideline 1114 - Employee Guidelines for Securing Confidential Data
  3. Administrative Guideline 1115 - Employee Guidelines for Securing Mobile Technologies
  4. Administrative Guideline 1116 - Employee Guidelines for Reporting Security Incidents
  5. Iowa Code Chapter 22 - Open Records Law

Bring Your Own Device – Employee Waiver

By signing below, you agree that you have read and understand SCC’s Administrative Guideline 1102. In addition, you agree to follow the responsibilities documented in this guideline and acknowledge the conditions under which you can connect your POD to the College’s network and technical resources.


______________________________         ___________
SCC Employee Signature                   Date

 

______________________________         ___________
SCC Exec. Dir. of ITS Signature         Date