To establish the basic policy of the University for the use, protection, and preservation of computer-based information generated by, owned by, or otherwise in the possession of the University, including all academic, administrative, and research data ("University Information").
This policy applies to all users of Boston University computer facilities and to all University Information.
University Information is a vital asset of the University and as such requires protection from unauthorized access, modification, disclosure, or destruction.
Each unit of the University is responsible for identifying and protecting all University Information within its area of control.
Management of each unit of the University is responsible for ensuring that all employees in the unit understand and satisfy their obligation to protect University Information. Management is also responsible for developing and implementing such additional policies and procedures as are necessary to implement fully this Policy. Please see the Boston University Information Security Management Guidelines.
All users of Boston University computer facilities are responsible for complying with this Policy and with any other applicable policies and procedures pertaining to the protection of University Information, including the Boston University Conditions of Use and Policy on Computing Ethics and policies regarding disclosure of student or personnel records.
Non-compliance with this policy may lead to disciplinary action by the University, including revocation of computer use privileges and, in the case of employees, dismissal from the University. Under certain circumstances, unauthorized access to or modification, disclosure, or destruction of University Information may give rise to civil and/or criminal liability. Any computer system which fails to comply with security procedures described in the Boston University Information Security Management Guidelines or for which no specific procedures are published by the University may be refused access to the Campus Network and may be deemed inappropriate for storing or accessing University Information.