Support Staff Guidelines

Tags policy

What Is It?

This document establishes computer usage guidelines for the Montana Tech support staff in the course of their job duties on the Montana Tech Campus Computer Systems. These guidelines are intended to protect the rights and privacy of Montana Tech clients as well as those of the Montana Tech support staff.

Support Staff Guidelines

1. Introduction
This document establishes computer usage guidelines for the Montana Tech support staff in the course of their job duties on the Montana Tech Campus Computer Systems. These guidelines incorporate the elements of the Montana Tech Special Access Agreement and the Acceptable Use Statement.  These guidelines are intended to protect the rights and privacy of Montana Tech clients as well as those of Montana Tech support staff.

2. Other Applicable Guidelines/Policies
Members of the Montana Tech support staff are required to abide by all the items outlined in the Acceptable Use Statement.  In addition to being the guardians/supporters of the campus resources, members of the Montana Tech support staff also serve as examples of professionalism for the rest of the user community. Many members of the Montana Tech support staff have some level of special access. Special access is defined as having the password and privilege to use a special account (e.g., root) on a Montana Tech computer or subsystem or to have privileges above and beyond those of normal users. The first time a member of the Montana Tech support staff requests special access, he/she is asked to read and sign the Special Access Guidelines Agreement. This agreement presents general guidelines for using special access in a responsible and ethical manner. The agreement also specifies behaviors and practices that are prohibited. All members of the Montana Tech support staff should reference the Special Access Guidelines Agreement whenever they have a question regarding proper use of special access. The document may be accessed via http://www.mtech.edu/netserve/layout.htm. Highlights of the guidelines are provided below.
 
3. Privacy of Clients Data/Information
There is one particular topic that is not covered in detail in either of the two documents discussed above. That topic is the privacy of client’s files and information stored on/in Montana Tech network servers, computers and resources. Sometimes during the normal course of their job, a member of the Montana Tech support staff will have a need to view a file belonging to another person. Some examples are: helping a client with a programming problem which requires access to the client’s source
program; upgrading an old system to a new one, helping a client resolve an electronic mail problem which requires viewing part of the client’s mail message file. Whenever required to view a client’s file in the course of helping that client, the consent of the client must be first obtained or present. In the case of resolving an electronic mail problem, in which the message has been returned to the postmaster account, consent is also implied. In those cases where consent is given, support personnel must still abide by the following guidelines and focus troubleshooting to the issue at hand. However, in all cases the client must be advised that his/her file(s) must be viewed/accessed to assist them. When assisting Montana Tech clients, members of the Montana Tech Support Staff should use the following guidelines:
  • Use and disclose the clients data/information only to the extent necessary to perform the work required to assist the client. Particular emphasis should be placed on restricting disclosure of the data/information to those persons who have a definite need for the data in order to perform their work in assisting the client.
  • Do not reproduce the client’s data/information unless specifically permitted by the client.
  • Refrain from disclosing a client’s data/information to third parties unless written consent is provided by the client.
  • Return or deliver to the client, when requested, all data/information or copies to the client or someone the designate.  Remove all uploaded information from a server utilized in support  Utilized an upload area that is protected from general view or access.
 
4. Proprietary Information
Due to the nature of computer support, there is a large potential for having proprietary information stored, at times,  on/in Montana Tech network servers, computers and resources. Information that would be considered proprietary would be individual user information, individual mail, individual user documents – this is not inclusive – merely for example. Since members of the Montana Tech support staff will have enhanced access to the Montana Tech network systems and resources, they will potentially have access to proprietary information. Members of the Montana Tech support staff are responsible for ensuring that all proprietary information is protected from disclosure or modification. When dealing with proprietary information, members of the Montana Tech support staff should use the following guidelines:
 
  • Ensure appropriate measures are in place for protecting proprietary information. 
  • Do not attempt to access proprietary information for which you have not been given authorization. 
  • Do not make copies of proprietary information unless specifically permitted by the owner of the information as matter of official standard operating procedure. 
  • Refrain from disclosing to third parties the types of proprietary information you can access.
 
5. Security Investigations If during the course of their regular duties, a member of the Montana Tech support staff discovers evidence of a violation of the Acceptable Use Statement, he or she must notify the Vice-chancellor of Academic Affairs or the Computer Security Officer.  If there is probable cause to believe a violation has occurred, additional investigation will be authorized.  Members of the Montana Tech support staff should not begin an investigation of a client without receiving authorization from the proper person. If you are requested to participate in an investigation of a client, or you must view a client’s files (after receiving consent) during the normal course of your job duties, you must be careful not to disclose information about that client or the contents of the client’s files to other people. Information concerning the client should only be disclosed to the Chancellor, Vice Chancellors, their designee or to a law enforcement agency.  It is also very important to keep a detailed record of all actions when investigating an allegation of improper use.

6. Summary of Guidelines To summarize, please follow these guidelines:  Read and follow the Acceptable Use Statement of Montana Tech of the University of Montana.   Read and follow the Montana Tech Special Access Agreement.  Do not inspect a client’s files without consent of the client or the proper authorization.  Inform the proper person when you feel there is evidence of a possible violation.  When performing an investigation on a client or system which involves viewing client’s private files/data/information, keep a detailed record of why the investigation was initiated and what actions you took.