Responsibilities as a Computer User at IU
By receiving and using an Indiana University Network ID, users accept certain responsibilities and standards for computer use, which apply to all IU computing resources. To review the IU Acceptable Use Agreements for students and employees, visit the Acceptable Use Agreement webpage.
Peer-to-peer (P2P) File Sharing and Copyright Safety
Peer-to-peer (P2P) file-sharing allows users to share files online through an informal network of computers running the same software. File-sharing can give users access to a wealth of information, but it also has a number of risks which can lead to serious network security issues. In addition, unauthorized distribution of copyrighted material using IU’s IT resources can result in costly legal penalties. Learn more by reading the Peer-to-peer File Sharing & Copyright Safety webpage.
University-Wide and Campus IT Policies
University-wide IT policies apply to all users of Indiana University information technology resources regardless of affiliation, and irrespective of whether those resources are accessed from on- or off-campus locations. IU Southeast-specific policies also exist. Visit the Tech Services IT policies webpage to learn more.
Policies IT-12 and IT-12.1 for Employees
IT-12 and IT-12.1 policies are regarding data security and procuring technology devices using IU funds, including desktops, laptops, iPads, tablets, etc.
Procedure for procuring technology devices using University funds:
- Departments will request specs and a quote from University Information Technology Services at IU Southeast (SE-UITS), and also provide the proposed funding source (account number).
- Once the department approves the quote, SE-UITS will create a requisition to procure the device(s). Departments cannot directly submit requisitions for IT resources.
- Upon receipt of the IT resource(s), SE-UITS will configure the device to meet IU data security standards, and ensure the equipment is properly inventoried, prior to delivering the IT resources to the department.
- Disposal of all IT devices will be processed by SE-UITS. This includes aged devices and those no longer required by the department due to organizational and job duty changes, or employee attrition.
IT-12/IT-12.1 policy requirements for data security on desktop computers, laptops, tablets, and cell phones:
- IT-12 requires that machines run software that is up-to-date, and that patches and updates be installed to address security risks.
- Anti-virus must be installed on all machines.
- Sensitive data must be encrypted while in transit.
- Limit access to resources to only those eligible and required. All users must be identified and authenticated before access is allowed.
- Day-to-day work should be performed by users with a standard account. Secondary accounts are required for any work that would require administrative privileges on a machine.
- For SE-UITS systems to apply software updates to machines, machines should be left on during nights and weekends (signed out but not powered off). This allows software updates and anti-virus scans to take place at a time that will not interfere with most user activity.
- IT-12.1 applies to all mobile devices, including personally owned devices.
- When dealing with critical information from a mobile device, written approval from the senior executive of the unit is required.
- When dealing with critical information the information must be encrypted on the device and in transit.
- More information about handling critical data can be found here: https://datamanagement.iu.edu/docs/critical-data-guide.pdf
- Users should scan for critical data on their workstations/laptops every 30 days using a tool such as Identity Finder.
Table for mobile device compliance:
|Mobile Device||Passcode/Passphrase||Intrusion Prevention||Encryption||Remote Wiping|
|Handheld mobile device (i.e., Smart Phone, Tablet, etc.)||Required – minimum 4-character passcode using at least 2 unique characters, and auto lock after a maximum of 15 minutes of inactivity.||Required - Lockout or wipe after 10 incorrect attempts, OR Increasing delay after incorrect attempts.||Recommended in all cases if supported by the device.
Required for all intended use involving critical information. 
|UIPO Incident Response or the Support Center will assist with remote wiping based on the circumstances of reported loss or theft.|
|Laptop/Notebook Computer||Required – Passphrase meeting IU requirements  must be used when device boots, and auto lock after a maximum of 15 minutes of unattended inactivity.||Required – lockout after 25 incorrect attempts within 2 hrs.||Required - full disk.||Not applicable|
Read the full policies:
If you have any questions or concerns, please contact the UITS Support Center at (812) 941-2447 or firstname.lastname@example.org.