IT AUDIT POLICY
The purpose of this policy is to advise users of security scanning procedures and precautions used by Nicholls State University to audit their network and systems. Other persons or entities, unless authorized, are prohibited from performing any such audits.
Audits may be conducted to:
- Ensure integrity, confidentiality and availability of information and resources.
- Investigate possible security incidents to ensure conformance to Nicholls State University security policies.
- Monitor user or system activity where appropriate.
This policy covers:
- All computer and communication devices owned or operated by Nicholls State University.
- Any computer or communication device connected to the Nicholls State University network.
- Any computer or communication device which has been connected to the Nicholls State University network, if it is believed such computer or communication device has been used contrary to any Nicholls State University Information Technology policy while so connected.
- All computers and communication devices that are attempting in any manner to interact or interface with the Nicholls State University network.
Nicholls State University shall utilize auditing software to perform electronic scans of their networks, servers, switches/routers, firewalls, and/or any other systems at Nicholls State University. This also includes scans of any electronic communication and e-mails regardless of by or to whom the communications are sent.
This access may include:
- User level and/or system level access to any computing or communications device
- Access to information (electronic, hardcopy, etc.) that may be produced, transmitted or stored on Nicholls State University equipment or premises
- Access to work areas (labs, offices, cubicles, storage areas, etc.)
- Access to interactively monitor and log traffic on Nicholls State University networks.
- Penetration testing
- Password Auditing
- Scanning for Personally Identifiable Information
Any employee found to have violated this policy may be subject to disciplinary action, up to and including termination of employment.
Nicholls State University Network
Being connected to a Nicholls State University network includes the following:
- If you have a network capable device (ex. laptop) plugged into a Nicholls State University owned building, then you are connected to the Nicholls State University LAN (local area network).
- If you have a wireless capable device (ex. laptop, iPhone) and connect to NSUnwired or NSUSecure Wireless Network, then you are connected to the Nicholls State University WLAN (wireless local area network).
- If you connect from a computer through the Nicholls State University VPN (virtual private network), you are then connected to the Nicholls State University LAN (local area network).
LAST REVISED: 09:2019