INTERNET SAFETY POLICY
FOR THE DEVEREUX FOUNDATION
Introduction
It is the policy of The Devereux Foundation to: (a) prevent user access over its computer network to, or transmission of, inappropriate material via the Internet, electronic mail, or other forms of direct electronic communications; (b) prevent unauthorized access and other unlawful online activity; (c) prevent unauthorized online disclosure, use, or dissemination of personal identification information of minors; and (d) comply with the Children’s Internet Protection Act (CIPA) [Pub L. No. 106-554 and 47 USC 254(h)].
Certain terms in this policy should be understood expansively to include related concepts. The words ‘company’ and ‘Devereux’ include all of our affiliates, subsidiaries, and Centers. The word ‘document’ covers all files that can be read on a computer screen as if it were a printed page, including the HTML pages read by an Internet browser, any file meant to be accessed by a word processing or desk-top publishing program, or its viewer, or files prepared for any electronic publishing tool. The word ‘graphics’ includes all types of photographs, pictures, animations, movies, or drawings.
All employees granted Internet access through Devereux’s network will be provided with a written copy of this policy. All company employees using the Internet must sign a form with the following statement:
“I have received a copy of Devereux’s Internet Safety policy. I fully understand the terms of this policy, and I agree to abide by them. I realize that Devereux’s security software may record for management usage the Internet address of any site I visit and keep a record of any network activity in which I transmit or receive any kind of file. I acknowledge that any message I send or receive may be recorded and stored in an archive file for management review. I understand that any violation of this policy could lead to disciplinary action or possibly even criminal prosecution.”
Policy Provisions
- Devereux reserves the right to record the address of each World Wide Web site visit, each chat, newsgroup, or e-mail message, and each file transferinto and out of its internal networks. No employee should have any expectation of privacy as to his or her Internet usage.
- The display of any kind of sexually explicit image or document on any company system is a violation of our policy on sexual harassment. In addition, sexually explicit material may not be archived, stored, distributed, edited or recorded using Devereux’s network or computing resources.
- To the extent practical, technology protection measures (or “Internet Filters”) shall be used to block or filter Internet, or other forms of electronic communications, access to inappropriate information.
- Specifically, as required by CIPA, blocking shall be applied to visual depictions of material deemed obscene or child pornographic, or to any material deemed harmful to minors.
- One of the CIPA allowances is that the technology protection measure may be disabled or, in the case of minors, minimized only for bona fide research or other lawful purposes.
- Specifically, as required by CIPA, prevention of inappropriate network usage includes: (a) unauthorized access, including so-called ‘hacking’, and other unlawful activities; and (b) unauthorized disclosure, use, and dissemination of personal identification information regarding minors.
- Devereux’s Internet facilities and computing resources must not be used knowingly to violate laws and regulations of the United States or any other nation, or the laws and regulations of any state, city or other local jurisdiction. Use of any company resources for illegal activity is grounds for immediate employee dismissal, and Devereux will comply with reasonable requests from law enforcement and regulatory agencies for logs, diaries and archives on individuals’ Internet activities.
- Employees and clients with Internet access may only download software with direct business use, and must arrange to have such software properly licensed and registered. Downloaded software must be used only under the terms of its license. Employees and clients with Internet access may not use company Internet facilities to download entertainment software or games, or to play games against opponents over the Internet. The use of non-business related streaming audio and video is prohibited (music, stock tickers, news streams).
- No employee or client may use the company’s Internet facilities to deliberately propagate any virus, worm, Trojan horse, trap-door program code or any form of destructive programming.
- No employee or client may use the company’s Internet facilities, knowingly, to disable or overload any computer system or network, or to circumvent any system intended to protect the privacy or security of another user.
- Only those employees or officials who are duly authorized to speak to the media, to analysts or in public gatherings on behalf of Devereux may communicate, in the name of the company to any news group or chat room. Other employees may participate in news groups or chats in the course of business when relevant to their duties, but they do so as individuals in their professional capacities, and shall identify themselves honestly, accurately and completely (including one’s company affiliation and function, where requested). Employees must refrain from any unauthorized political advocacy and must refrain from the unauthorized endorsement or appearance of endorsement by the company of any commercial product or service not sold or provided by this company, its subsidiaries or its affiliates.
- The company retains the copyright rights to any material posted to or through any forum, news group, chat room, e-mail message or World Wide Web page by any employee in the course of his or her duties.
- Employees are reminded that chats and news groups are public forums where it is inappropriate to reveal confidential company information, customer data, trade secrets, and any other material covered by existing company secrecy policies and procedures.
- The company will limit Internet access to those employees who demonstrate a legitimate business need and are authorized by appropriate levels of management.
- Clients’ computers and computer networks must be completely separate from the employee network. This can be accomplished either by separate physical cabling to the router, or virtual VLAN setup on managed switches to the router. Clients may not use computers which have access to the employee network.
- Clients will be supervised and monitored during the usage of the online computer network and access to the Internet in accordance with this policy and the Children’s Internet Protection Act.
- Any employee who obtains a password or ID for an Internet resource must keep that password confidential. Company policy prohibits the sharing of users IDs or passwords obtained for access to Internet sites, as well as all internal Devereux systems.
- Employees should schedule communications-intensive business-related operations such as large file transfers, downloads, mass e-mailings and the like for off-peak times.
- Any file that is downloaded must be scanned for viruses before it is run or accessed.
- Employees or clients shall not attempt to disable, to defeat, or circumvent any company security facility.
- Computers that use locally attached modems bypass Devereux’s network security systems. Therefore, these modems must be removed. When business needs dictate, computers used with dial-up or leased-line connections to any outside computer or network must be physically isolated from Devereux’s internal network. Refer to the ‘Analog Line Security Policy’ for detailed information.
- Only those Internet services and functions having legitimate business purposes will be enabled in the Internet firewall.
- FTP transactional normally will be blocked by the firewall. Users with a specific business reason to use FTP must forward a written request for such assess to the IT department management.
- As required by the 2008 CIPA amendment, Devereux will educate its students about appropriate online behavior, including interacting with other individuals on social networking websites and in chat rooms, as well as cyberbullying awareness and response. Devereux is actively working on an on-line safety course for our students, which will include the aforementioned topics.
Questions or comments please contact us.