Information Technology
Student Affairs Data Security and Privacy User Agreement
The Division of Student Affairs, in accordance with the Montana Board of Regents Policy 1303.1,
maintains that each user of the Montana University System's (MUS) computing and information resources
should realize the fundamental importance of information resources and recognize his/her responsibility
for the safekeeping of those resources.
MUS information technology resources are to be used by employees for job-related activities, not for
private, or commercial purposes, unless covered under formal agreements with the MUS.
Each user of MUS-owned or managed computing systems must be knowledgeable of and adhere to MUS
policies, respect the rights of other users by minimizing unnecessary network traffic that might interfere
with the ability of others to make effective use of shared resources, respect the integrity of the physical
facilities and controls, and obey all pertinent federal, state, county, and local laws and ordinances. Each
user must abide by these policies, laws, and contractual obligations, and adhere to appropriate ethical
standards.
Further, data contained on MUS-owned or managed computing systems and transmitted on attached
networks are presumed to be MUS property, and are subject to monitoring and/or copying by the MUS,
unless MUS's rights are otherwise limited by law, policy, or contract. That is, in order to meet its
obligations, the MUS, through individuals operating within the course of their legitimate job duties, may
periodically, routinely, or for a specific purpose monitor activity on its computers, computing resources
and network. These individuals may include IT personnel and appropriate administrators and supervisors.
Records obtained by monitoring may be used within the MUS by MUS officials, employees and agents for
purposes appropriate to the management and administration of the MUS, including the investigation of
possible misconduct by a user or a third party.
According to Montana Board of Regents Policy 1302, the types of activities the MUS may monitor and on
which it may maintain records include, but are not limited to:
1. e-mail sent from or received by e-mail systems operating on MUS sites;
2. accesses to external Web sites originating from MUS sites;
3. other significant external network activity originating from or received by MUS sites; and
4. the contents of permanent storage devices attached to MUS computers (including installed software
and software version information, system data, and user data).
By signing this agreement I, ___________________________________, acknowledge that I have read
(Print your name)
and understand this policy and will act responsibly concerning security, privacy and acceptable computing
practices.
______________________________________
_____________________
Signature of Employee
Date
Policy passed by Student Services Directors and Senior Management Team on dd/mm/yyyy