Catalog of Appropriate & Acceptable Use of Computing Resources
- The University of Oregon has an Acceptable Use Policy (AUP). The requirements for acceptable use of UO Computing Resources outlined in the AUP are guided by the following general principles:
- UO Computing Resources are intended to enable the university's research, instructional, administrative, and service-related functions. Uses beyond these functions must comply with existing university policies and procedures as well as state and federal law.
- UO Computing Resources are to be used and supported to ensure data confidentiality, integrity, and availability.
- Each user is expected to comply with UO Information Security policies and standards; and take necessary precautions as outlined in UO Information Security policies, standards, and guidelines to safeguard UO Computing Resources and to report policy violations or suspected security incidents.
- Each user is expected to use UO Computing Resources responsibly and to be considerate of other users of shared resources.
- Subject to law and applicable policy, authorized university personnel with a demonstrably legitimate need may access an individual’s specific UO Computing Resources to fulfill their official professional responsibilities (e.g., conducting security incident investigations by IT staff). See “Access and Review” below.
The entries in this document represent events, actions or behaviors that comply with the appropriate and acceptable use of UO Computing Resources.
As the university encounters new situations that require an evaluation as to whether they are in accordance with the principles stated above, the Information Security Office (ISO) staff and the Information Security and Privacy Governance Subcommittee (ISP-GC) will review the merits and render a decision. If the evaluation finds them acceptable, they will be logged into this document and tagged with the date of the finding. This analysis will not preclude the university from acting promptly to ensure the protection of the confidentiality, integrity, and availability of university data and computing resources.
If the analysis finds the action to be in violation of the principles of the AUP, it will be logged into the Catalog of Inappropriate & Unacceptable Use of Computing Resources.
Appropriate & Acceptable Use Entries
| Entry Date | Activity Description |
|---|---|
| 12/10/2025 | Use UO Computing Resources to perform activities that support the research, instruction, service, administration, and other goals of the university. Incidental personal use is permitted but is required to comply with university policies and standards, meet legal requirements, and not interfere with or disrupt university operations. |
| 12/10/2025 | Safeguard UO Computing Resources in accordance with policies, standards, and guidelines established by the university. As a User of UO Computing Resources, Users may be provided with computer access accounts, computing devices, access to the network, email accounts and other resources. Protect all personally identifiable information (PII), protected health information (PHI) and other sensitive data in accordance with applicable data privacy regulations (e.g., UO Privacy Policy, FERPA, HIPAA, GDPR, Oregon Consumer Privacy Act, California Privacy Rights Act). Users must take steps to increase their knowledge through UO security awareness training and follow UO policies, standards, and guidelines to properly safeguard these resources. |
| 12/10/2025 | Use UO Computing Resources after proper authorization has been granted. Generally, access is granted to UO Users based on two security principles: 1) least privilege, where the minimum privilege required to carry out approved activities is assigned to each User; 2) least functionality, where UO Computing Resources are configured to provide Users with the minimum functionality required to carry out their duties. |
| 12/10/2025 | Use UO Computing Resources in a responsible and efficient manner. UO Computing Resources (e.g., network bandwidth, storage, email system, and computer processing power) are finite and usually shared among our constituents. Therefore, Users are expected to use resources in a manner that minimizes impacts on other Users. |
| 12/10/2025 | Respect the privacy, intellectual property, copyrights and other rights of other UO Computing Resource Users. Academic inquiry, communication, sharing and collaboration, IT management and support, and information security must be balanced with privacy and other rights of UO constituents and must not improperly or illegally infringe on the intellectual property rights of others. |
| 12/10/2025 | Use UO Computing Resources in accordance with policies, standards, and guidelines established by the university such as the Conflict of Interest, Conflict of Commitment, and Outside Activities policy, and in accordance with bargaining agreements, state and federal laws, and contractual agreements. As a User of UO Computing Resources, Users may be provided with computer access accounts, computing devices, access to the network, email accounts and other resources. Users must take steps to increase their knowledge through UO security awareness training and follow UO policies, standards and guidelines to properly safeguard these resources. |
| 12/10/2025 | Use and protect UO Computing Resources assigned to you. As part of their affiliation with the university, Users may be assigned IT resources (e.g., computer access account, email account, network port, computers, office phone, peripherals, and mobile devices). Users are expected to bear responsibility for and may be held accountable for actions carried out with those resources. |
| 12/10/2025 | Include only material relevant to organizational matters in UO or departmental electronic communications, such as email, websites, or blogs. Personal websites, chat rooms, web logs (also known as blogs), video logs (also known as vlogs), and other forms of publicly available electronic communications hosted on or linked from UO computing resources and technology must comply with this Acceptable Use Policy and prominently include the following disclaimer: “The views, opinions and material expressed here are those of the author and have not been reviewed or approved by the University of Oregon.” |
| 12/10/2025 | Use only legal versions of copyrighted software in compliance with vendor license requirements. Abide by all applicable copyright laws and licenses. The University of Oregon has entered into legal agreements or contracts for many of its software and network resources which require everyone using them to comply with those agreements. |
| 12/10/2025 | Maintain university data and records within authorized information systems of record and in compliance with appropriate records retention policies. The university cannot guarantee appropriate safeguards for data or information hosted in information systems that have not been approved. Consequently, Users are expected to maintain university data and records within information systems that have been vetted and approved by the university. For example, use of unapproved third-party email systems, storage solutions or applications must be vetted and approved by the Information Security Office before such systems can be used to access, process or store University Records and data (e.g., follow guidelines on where to store UO data). |
| 12/10/2025 | While UO Computing Resources are to be used predominantly for university-related business, personal use is permitted so long as it conforms with this Policy and does not interfere with university operations or an employed User’s performance of duties as a university employee. As with permitted personal use of other resources, limited personal use of UO Computing Resources does not ordinarily result in additional costs to the university and may result in increased efficiencies. |
| 12/10/2025 | Protect all personally identifiable information (PII), protected health information (PHI) and other sensitive data in accordance with applicable data privacy regulations (e.g., UO Private Policy, FERPA, HIPAA, GDPR, Oregon Consumer Privacy Act, California Privacy Rights Act, etc.). |
| 12/10/2025 | Observe the copyright law as it applies to music, videos, games, images, texts and other media in both personal use and in the production of electronic information. The ease with which electronic materials can be copied, modified and sent over the Internet makes electronic materials extremely vulnerable to unauthorized access, invasion of privacy, and copyright infringement. |
Revision History
| Version | Published | Author | Description |
|---|---|---|---|
| 1.0 | 12/10/2025 | Information Security Office (ISO) | Original Publication |