Educause Security Discussion mailing list archives
Re: computer use policy
From: Gary Flynn <flynngn () JMU EDU>
Date: Thu, 15 May 2003 14:57:16 -0400
John Isenhour wrote:
I've always found that policy documents need to stay a bit nebulous rather than specific in order to remain effective, so using "disruptive" or "illegal" is better than "KaZaa".
One model that we've explored is to have a policy remain in its natural nebulous state <grin> but reference a "standard" that spells out specifics. Ergo, policy may mention a responsibility to follow university software standards while the standard itself is the proverbial living document that specifically lists approved or banned software packages according to issues and technologies of the day.
Academic policy is fundamentally different from some business or military type policy in that ours is "you can do anything but this" where as the other is "you can only do this and nothing else".
With the "you can do anything but this" strategy, one can still accomplish quite a bit if the "this" is defined in general terms rather than in specifics. -- Gary Flynn Security Engineer - Technical Services James Madison University ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/memdir/cg/.
Current thread:
- computer use policy John Isenhour (May 15)
- <Possible follow-ups>
- Re: computer use policy Gary Flynn (May 15)
- Re: computer use policy Ken Shaurette (May 16)
- Re: computer use policy Randy Marchany (May 16)
- Re: computer use policy Bruhn, Mark S. (May 16)