Search
School of Informatics and Computing Menu

Electronic Mail Security Policy

Purpose

The purpose of this policy is to establish appropriate uses of electronic mail for communications.  In addition, this policy informs the SOIC email user community how privacy and security apply to email, as well as the applicability of relevant policy and law.  This policy is based upon Indiana University’s Email Use policy.  This policy will not supersede any Indiana University developed policies and procedures but may introduce more stringent requirements than the university policy.

Scope

All employees and faculty of SOIC; as well as vendors, contractors, partners, students, collaborators and any others doing business or research with the SOI will be subject to the provisions of this policy.  Any other parties, who use, work on, or provide services involving SOI computers and technology systems will also be subject to the provisions of this policy.

Definitions

Email is defined as the Indiana University (IU) Messaging System for transmitting electronic [written] messages.

SOIC email mailing lists is defined as a list of official email addresses of SOIC personnel.

Email user is defined as any faculty, student or staff member who has been assigned an IU email address and/or who has access to the IU Messaging System.

Policy

Anyone who uses the IU Messaging System shall not use email as a form of communication for messages containing sensitive information unless the communication is protected by appropriate security measures (i.e., encryption).

The SOIC technology staff will approve the means for protecting the security of the electronic communication.

Email shall not be used to conduct personal business involving any for-profit enterprise not tied to the university.

The IU Messaging System will not be used to propagate chain letters, spam, or any other form of junk mail.

SOIC email mailing lists must not be distributed to third parties for commercial purposes.

Violation of Policy

If it is suspected that this policy is not being followed, report the incident to the Executive Associate Dean or the Director of Technology Services.  Any exceptions to this policy must be approved in advance by both the Executive Associate Dean and the Director of Technology Services.

Enforcement

Any person found to have violated this policy will be subject to appropriate disciplinary action as defined by the provisions of Indiana University Policy IT-02, Policy on Sanctions for Misuse or Abuse of Indiana University Technology Resources.