Skip to main content
Concord Academy

Appendix I: Acceptable Use Policy for Technology Resources (AUP)

All requests regarding equipment, network administration, adding software or services, and help desk support services should be directed to tech_support@concordacademy.com or 978-402-2297. Please do this before attempting to add software, equipment, mobile apps, or online communications platforms or services to Concord Academy’s classes, clubs, facilities, or boarding community.

The AUP is designed to provide a framework for guiding appropriate use of school-provided technology resources and is not intended to be exhaustive. Users are expected to review and follow all policies as posted on CA Connect, posted physically near school technology resources, or otherwise disseminated to the community.

All students and employees are provided with designated storage areas within Google Drive (a cloud service) and/ or folders on a shared school server. Students should use these storage areas for all work related to their courses. CA’s IT services staff will make reasonable efforts to assure that all files, email, and other information stored on school servers can be restored in the event of a catastrophic system failure, but makes no commitment regarding recoverability of files stored locally or on other media. While the school uses due diligence in choosing its cloud service providers, the school cannot guarantee the reliability of these services or their ability to restore lost data.

In using the school’s technology resources, students and employees agree to abide by these guidelines:

  • Usernames and passwords are issued to individuals and are not to be shared. When leaving a computer unattended, logout to prevent others from gaining access.
  • Students and employees are not allowed to install software of any kind or make configuration changes to school-owned computer equipment.
  • Accessing accounts or files belonging to others is prohibited, and is illegal under state and federal laws. Subverting or attempting to subvert electronic or physical security mechanisms, or circumventing restrictions set by the system administrators is prohibited and is considered a violation of a major school rule.
  • Physical access to rooms, closets, or cabinets containing computer network equipment and servers is prohibited. Actual or attempted electronic access to configurations and other operational components of computer network equipment, including servers, is prohibited.
  • Because faculty and staff may have access to sensitive information (some of which is protected by law), students are prohibited from using faculty and staff computers for any purpose.
  • Students and employees are prohibited from sending messages, in any format, crafted to conceal or falsify the person, computer, or place that is their true source. Messages in this context would include email, instant messages, and any other data carried on the campus network.
  • The use of malicious or threatening language is prohibited. Viewing, storing, or distributing obscene, hate-related, or other offensive material using school-owned computers or the school’s network is prohibited.
  • Using school-owned computers, the school network, or other school resources in the course of illegal activity is considered a violation of a major school rule. It is illegal to download, store, use, or distribute software, music, movies, and other copyrighted materials unless they have been paid for by the individual using them, or unless the materials are clearly identified as public domain or freeware. Questions about fair-use exceptions should be directed to the library director. The school will cooperate with law-enforcement agencies investigating illegal activities that involve school-provided computer resources.

In addition to the guidelines above, on-campus use of personally owned computer equipment, including mobile devices, is subject to the following:

  • In order to access the school’s wifi network, students and employees must register their personally-owned devices.
  • To assure protection of school computers and those of other students and employees, all personally-owned computers and other equipment connected to the campus network must follow these security guidelines:
    • Computers must run an approved security software package, which is available for free from the school and can be installed as part of the network registration process. This software provides features to protect against viruses, spyware, adware, and other threats, but the school cannot guarantee that this software will protect from all possible threats. Due to the risks posed by email, file exchanges, and other contact with computers on the school network, the school expects that a personally-owned computer used for any school-related purpose will run a current, licensed, properly-configured virus/spyware protection product at all times, even if the computer will not be connected to the school’s network.
    • Devices may not act as any type of server on the school network, and users are expected to take great care to assure that their devices are configured to disable any program that could interfere with regular operation of the school’s network (e.g., DHCP, DNS, WINS, SMTP, POP3) or compromise the security of school resources.
    • IT services staff may disconnect without warning any device that disrupts normal operation of the school’s network or that shows indications of a virus, worm, Trojan horse, or other malicious program, and may take possession of the offending device until the underlying problem is resolved.
  • Because of security risks and interference with school systems, personally owned hubs, switches, wireless network access points (including cell phone mobile hotspots), and other network devices may not be used on campus unless authorized by the director of information technology.
  • By registering a personally owned computer or mobile device for use on the school network, users accept responsibility for any violations arising from use of that registered device.

Network and server activity logs (including information such as Web sites visited, email sent and received, and other items that may vary from time to time) are kept and reviewed by system administrators for maintenance and other purposes. If the school reasonably suspects that conduct in violation of a school rule, policy, or standard, the school reserves the right to inspect or monitor the contents of stored files, email, network traffic, or other information (including deleted files or other information that may be recovered from back-up tapes, hard drives, or other devices), with or without the user’s knowledge. The school may take this action on its own or in conjunction with law enforcement or other authorities as it deems appropriate under the circumstances.

While IT services staff will make reasonable efforts to assure a secure computing environment and privacy of personal information, the school does not and cannot guarantee privacy of users’ personal information on its network or equipment, nor does the school provide any guarantee against unauthorized access to such information. Cloud services used by the school (e.g., Google Apps) have separate policies and terms of service to which users are bound, and which the school cannot control.

Intentional physical or software damage to school-owned equipment will be considered vandalism. Unauthorized removal of school-owned equipment will be considered theft.

Student Violations of school technology-use policies will be addressed on a case-specific basis by the assistant head/academic dean in consultation with director of strategic technology and may result in suspension of privileges or an appearance before the Discipline Committee.

Employee Violations of school technology-use policies will be addressed on a case-specific basis at the discretion of the employee’s supervisor and/ or the head of school, in consultation with director of strategic technology and may result in a disciplinary response in accordance with the Concord Academy Employee Handbook.