Ability given to individual or groups of users to use information stored on or via University resources. This includes but is not limited to the ability to read, write, view, create, alter, store, retrieve, and disseminate information.

That combination of user name and password that provides an individual with access to a computer system or computer network

Administrators or designees with the authority to make decisions about or approve a specific action, activity, service or use of a specific resource

Applies to individuals without the authority or permission, as defined by the University, to initiate or approve an activity or service and/or to access or use a specific resource

Non-State and self-support organizations affiliated with the University, including Cal Poly Foundation and Associated Students, Inc. (ASI)

Method for sending a uniform message to an entire set of users qualified by membership in a definable group such as faculty, staff, students, engineering majors, etc.

Information technology resources implemented and managed by Information Technology Services. Examples include the Cal Poly network and modem pool, IBM mainframe, central UNIX servers, open access computing labs, "smart" classrooms, training lab, etc.

An e-mail message asking the recipient to indiscriminately forward or pass it along; may involve money-making pyramid schemes or be disguised as innocent (e.g., collecting post cards for a dying child) or helpful (e.g., warnings about computer virus hoaxes)

An activity conducted for commercial/private profit or gain or non-profit fundraising. This includes but is not limited to soliciting sales or funds, marketing or advertising a product or service, posting an advertisement to a newsgroup, and reselling University resources. University authorized commercial activities are excepted, e.g., El Corral Bookstore and Enterprise Project sales. Detailed guidelines are being developed to clarify exceptions.

Any computing resource, service, or network system, including workstations, servers, networks, storage devices, peripheral equipment, input/output and connecting devices, data processing functions, and related records, programs, software and documentation.

Copying, distributing, publicly performing, publicly displaying a copyrighted work, or creating a derivative work, without the permission of, or a license from, the copyright owner

Any electronic method used to communicate, including but not limited to electronic mail, the Internet/World Wide Web, video recordings, facsimiles, pagers, telephones, etc. Electronic communications has the same meaning as the term defined in Subsection 12 of Section 2510 of Title 18 of the United States Code.

Electronic method of sending and receiving messages from and to electronic addresses associated with specific owners

The automated or otherwise forwarding of an e-mail message to multiple recipients triggered by the content of the mail message being forwarded

Federal law protecting students (and former students) from the release of educational related records retained by the University

Activities that interfere with the primary intended use of supporting instructional activities, e.g., excessive game playing

Any data or information stored in digital form and the computer systems or other means used to access that information.

The administrative entity charged with implementing and managing campuswide information technology resources under the direction of the Vice Provost/Chief Information Officer.

Information about individuals and departments that is recorded, maintained, administered and retained by the University, e.g. information in student records and employee files, financial data, etc.

Inventions, discoveries, innovations, and literary and artistic works that may be patented, copyrighted, trademarked or licensed for commercial purposes

Information Resources Management Policy and Planning Committee is chaired by the Vice Provost/Chief Information Officer and charged with ongoing assessment of strategic plans and policies related to campuswide management and use of existing and planned information systems and services

The practice of bombarding someone with a large volume of unsolicited mail in an attempt to disrupt them or their site

A standard practice by information technology resource administrators of reviewing transaction activity and other similar logs generated by the system/network, analyzing performance anomalies and traffic patterns, and/or running programs designed to identify the source of a specific problem, alarm or pattern potentially indicative of illegal or inappropriate use

A group of computers and the associated equipment and transmission media used for the purpose of sending and receiving data, voice or video signals

A networked device includes but is not limited to the following types of equipment assigned to individuals, departments, clubs, auxiliary organizations or individuals from off-campus utilizing university network resources: personal computers, laptops, workstations, wireless devices (e.g. PDAs, laptops, handheld phones, base stations or pods), networked printers/copiers, servers, switches, routers, hubs, mini-hubs, splitters, wireless access points, firewalls, network security devices, network appliances, modem pools, or any device that is network-capable and connected to university network resources.

A network communication device includes but is not limited to the following types of equipment assigned to individuals, departments, clubs, auxiliary organizations or individuals from off-campus utilizing university network resources: switches, routers, hubs, mini-hubs, splitters, wireless access points, firewalls, network security devices, network appliances, modem pools, or any device connected to university network resources whose function is to transport electronic information.

Maintaining optimum performance and availability of information technology resources in support of the University mission

E-mail discussion group using a "news" message distribution protocol organized around named topics. Newsgroups can be global, regional, or local with regard to their access and distribution. While messages are submitted using e-mail, they are read from a central repository instead of being delivered to individual e-mail addresses.

Receiving money or other goods or services as a result of soliciting, promoting, selling, marketing or advertising products or services

In the context of disclosure of system security breaches: Individual’s first name or first initial and last name in combination with any one or more of the following data elements, when either the name or the data elements are not encrypted: (1) Social Security number; (2) driver’s license number of California Identification Card number; (3) account number (which could include a student identification number), credit or debit card number, in combination with any required security code, access code, or password that would permit access to an individual’s financial account (Ref: California Civil Code 1798 - Information Practices Act of 1977 – as amended in 2002

NOTE: The Family Educational Rights and Privacy Act (FERPA) provides additional protection for student educational records.

Promoting, advocating or supporting a specific candidate, political party or issue

Using software to access or query all known TCP ports on a system to try to identify which services and levels of security are associated with those ports. A method for determining if a network or system can be compromised.

Indiscriminate mailing or forwarding of unsolicited e-mail to a larger group of users

Person responsible for administering the hardware, operating system, and software that constitutes a computer system or network

An alias established on Central UNIX by a system administrator, using addresses contained in a file that can be edited by the alias owner

See "Computer System"

A process, method, plan, formula or other information unique to a manufacturer, which gives it an advantage over competitors, and therefore must be kept secret to be of special value. May be legally protected against use or revelation by others.

A name, symbol, or other device identifying a product, legally restricted to the use of the owner or manufacturer

A malicious, security-breaking program that is disguised as something benign, e.g., a directory lister, archiver, or game

The institution as a whole or the collective authority of the institution represented by established policies and designated officials responsible for enforcing them

Any resource belonging to or employed by the University, including equipment, facilities, and staff

Anyone who has been provided access to Cal Poly’s information technology resources, including the general public

The University authority responsible for notifying a specified set of users whose unencrypted personal information was, or is reasonably believed to have been, disclosed to an unauthorized person due to a breach in security on a campus computing system (Reference: Appendix D, Policy Implementation and Practices)

A program that searches out other programs and "infects" them by embedding a copy of itself in them. When these programs are executed, the embedded virus is executed too, thus propagating the "infection." A virus may write messages on the terminal, or play strange tricks with the display or cause irreversible damage such as deleting all of a user's files. Unlike a worm, a virus cannot infect other computers without assistance.

Web page files (beginning with an initial home page) located on a campus server and owned through a computer account by University faculty, staff, students, administrative units, organizations, clubs and auxiliaries

A program that propagates itself over a network, reproducing itself as it goes