Lab Security Standard

1 PURPOSE 

This standard outlines the guidelines and regulations governing the use of computer labs within the university campus to ensure equitable access, maintain the security and integrity of university resources, and create a conducive learning and working environment.


2 SCOPE 

This standard applies to all university departments, units, employees, contractors, and third-party service providers who handle university data and information systems.


3 STANDARD 

3.1 Access Control:

• Access to computer labs is primarily for registered students, faculty, and staff. Visitors may use computer labs with prior authorization.

• Users or sponsors may be asked to present a valid university identification or visitor passes to gain access.

3.2 Hours of Operation:

• Computer labs will have designated operating hours, and users must adhere to these schedules.

3.3 Prioritization:

• Academic and research purposes take precedence over personal use during peak hours.

3.4 User Responsibilities:

3.4.1 Respect and Conduct:

  • Users must conduct themselves in a respectful and courteous manner, refraining from disruptive behavior, harassment, or misuse of lab equipment.

3.4.2 Software and Data:

  • Users are responsible for adhering to software licensing agreements and copyright laws.
  • Do not install, remove, or modify software on lab computers without authorization.
  • Save personal data to external or cloud storage system, such as one drive, etc. devices. The university is not responsible for data loss.

3.4.3  Security:

  • Users must log out of computers when finished and report any suspicious activity to lab staff or the USNH IT Department (ET&S).
  •  Do not share login credentials.

4.4.4 Cleanliness:

  • Keep the lab environment clean and tidy, disposing of trash properly.
  • Report any damage or equipment issues to lab staff promptly. 

4.4.5 Food and Drink:

  • Food and drinks near IT equipment is prohibited in computer labs to prevent damage to equipment.

4.5 Lab Equipment:

4.5.1 Equipment Use:

  • Priority use for lab equipment is for academic and research-related tasks.
  • Report malfunctioning equipment to lab staff immediately.

4.5.2 Printing:

  • Follow university printing policies and guidelines.
  • Do not waste paper or supplies.

4.6 Network and Internet Use:

4.6.1 Network Access:

  • Priority use for the university network is for academic, research, and administrative purposes.
  • Unauthorized access to the network or tampering with network settings is prohibited.

4.6.2 Bandwidth Usage:

  • Try to avoid excessive bandwidth usage for non-academic purposes during peak hour, such as music videos or movies that are for non-academic purposes.

4.7 Privacy and Data Security:

4.7.1 Data Privacy:

  • Respect the privacy of others and do not access or attempt to access their files or data without permission.

4.7.2 Personal Devices/Workstations:

  • Do not connect personal workstations to the lab wired lab network without ET&S authorization. Consider using the USNH wireless network for personal devices.

4.8 Security and Compliance:

4.8.1 Security Awareness:

  • Complete annual security awareness training sessions provided by the university.

4.8.2 Non-Compliance:

Violations of this policy may result in loss of lab access privileges and disciplinary action.

4.8.3 Patching and Software Updates:

To minimize disruptions for students and faculty, patching and software updates for computer labs across the university system will be scheduled during semester breaks or other off-peak periods rather than during active academic sessions. This approach ensures that critical updates and security patches are applied without interfering with lab availability or instructional activities. By conducting patching during these less busy times, ET&S can reduce the risk of system downtime, provide a more stable environment for users, and ensure that all lab machines remain secure and up to date.


DOCUMENT HISTORY

  • Approved by: Thomas Nudd, CISO
  • Reviewed by: Dr. David A Yasenchock, Director, Cybersecurity GRC
  • Revision History: V 1.0
    • Revised formatting, K SWEENEY, May 30, 2024
    • Added Section 4.8.3, C GREBLOSKI, December 17, 2024