Home&²Ô²ú²õ±è;»&²Ô²ú²õ±è;About&²Ô²ú²õ±è;»&²Ô²ú²õ±è;ESGC At A Glance&²Ô²ú²õ±è;»&²Ô²ú²õ±è;Policies & Procedures&²Ô²ú²õ±è;»&²Ô²ú²õ±è;Approved Software/Applications Policy

Updated Approval by President’s Cabinet 8/9/23

Purpose

The purpose of this policy is to establish guidelines for the procurement, installation, and use of software and applications at ³Ô¹ÏÖ±²¥. This policy aims to ensure the integrity, confidentiality, and availability of ³Ô¹ÏÖ±²¥ data, prevent security incidents, and protect ³Ô¹ÏÖ±²¥'s technology assets.

Scope

This policy applies to all ³Ô¹ÏÖ±²¥ employees, contractors, students, and anyone who uses ³Ô¹ÏÖ±²¥'s computing resources. This policy covers all software and applications used at ³Ô¹ÏÖ±²¥, whether they are installed on university-owned or personal devices.

Policy

    1. Software and application procurement:
      1. ³Ô¹ÏÖ±²¥ will acquire software and applications from reputable vendors, and only after a thorough evaluation of their features, compatibility, licensing, and security requirements.
      2. All software and application purchases must be approved by ³Ô¹ÏÖ±²¥'s IT department or designated authority.
      3. ³Ô¹ÏÖ±²¥ will ensure compliance with all software licensing agreements and copyright laws.
    2. Software and application installation:
      1. Only authorized personnel may install software and applications on college-owned devices.
      2. All software and applications must be installed from a trusted source, and users must verify the authenticity and integrity of the software before installation.
      3. Users must not modify, tamper with, or delete any software or application files, libraries, or configurations without prior approval from the IT department.
    3. Software and application use:
      1. Users must use software and applications only for their intended purposes and in compliance with ³Ô¹ÏÖ±²¥'s policies, procedures, and applicable laws.
      2. Users must not share software or applications with unauthorized individuals or install them on personal devices without prior approval from the IT department.
      3. Users must report any software or application-related security incidents or vulnerabilities to the IT department promptly.
    4. Software and application updates and patches:
      1. The IT department will manage the installation of software and application updates and patches to ensure the security and stability of ³Ô¹ÏÖ±²¥'s computing resources.
      2. Users must not delay or refuse to install critical software or application updates or patches.
    5. Non-compliance:
      1. Violation of this policy may result in disciplinary action, including but not limited to revocation of access to university computing resources, termination of employment or enrollment, and legal action.
      2. Users must report any suspected or actual non-compliance with this policy to the IT department or designated authority.
    6. Exceptions:
      1. Any exceptions to this policy must be approved by the VP for Information Technology Services or designated authority.

Enforcement

The IT Department or designated authority will enforce this policy and monitor compliance. ³Ô¹ÏÖ±²¥ reserves the right to modify this policy as needed to ensure the effective use of computing resources and the protection of EGSC data and assets.