Electronic Mail Policy
1.0 Purpose
2.0 Scope
3.0 Policy
3.1 Brown Email Addresses and Accounts
3.2 Acceptable Use Under University Policies
3.3 Security and Privacy of Email
3.4 Best Practices in Use of Email
4.0 Related Policies and Links
1.0 Purpose
Brown's email services support the educational and administrative activities of the University and serve as a means of official communication by and between users and Brown. The purpose of this policy is to ensure that this critical service remains available and reliable, and is used for purposes appropriate to the University's mission.
2.0 Scope
This policy applies to all members of the Brown community who are entitled to email services, as detailed in the Computing Privileges document.
3.0 Policy
Brown provides electronic mail (email) services to faculty, staff and students, and to other affiliated classes of individuals, including alumni and official visitors. Use of Brown email services must be consistent with Brown's educational goals and comply with local, state and federal laws and university policies.
3.1 Brown Email Addresses and Accounts
Faculty and Staff
Email services are available for faculty and staff to conduct and communicate University business. Incidental personal use of email is allowed with the understanding that the primary use be job-related, and that occasional use does not adversely impact work responsibilities or the performance of the network.
Email services are provided only while a user is employed by the University and once a user's electronic services are terminated, as specified in the document Computing Privileges, employees may no longer access the contents of their mailboxes.
Faculty and staff email users are advised that electronic data (and communications using the University network for transmission or storage) may be reviewed and/or accessed by authorized University officials for purposes related to University business. Brown has the authority to access and inspect the contents of any equipment, files or email on its electronic systems. The document Procedures for Emergency Account and Information Access delineates the circumstances and process for handling these exceptions.
Students
Email services are available for students to support learning and for communication by and between the University and themselves. The services are provided only while a student is enrolled in the University and once a student's electronic services are terminated, as specified in the document Computing Privileges, students may no longer access the contents of their mailboxes.
Student email users are advised that electronic data (and communications using the University network for transmission or storage) may be reviewed and/or accessed in accordance with Brown University's Acceptable Use Policy. Brown has the authority to access and inspect the contents of any equipment, files or email on its electronic systems.
Alumni and Others
Individuals with special relationships with Brown, such as alumni or official visitors, who are neither employed nor enrolled at Brown, are granted limited email privileges, including an email address, commensurate with the nature of their special relationship. Brown is free to discontinue these privileges at any time.
3.2 Acceptable Use Under University Policies
Email users have a responsibility to learn about and comply with Brown's policies on acceptable uses of electronic services. Violation of Brown policies (including this one) may result in disciplinary action dependent upon the nature of the violation. Examples of prohibited uses of email include:
- Intentional and unauthorized access to other people's email;
- Sending "spam", chain letters, or any other type of unauthorized widespread distribution of unsolicited mail;
- Use of email for commercial activities or personal gain (except as specifically authorized by University policy and in accord with University procedures);
- Use of email for partisan political or lobbying activities;
- Sending of messages that constitute violations of Brown's Standards of Student Conduct or the Employee Responsibilities & Rights handbook.
- Creation and use of a false or alias email address in order to impersonate another or send fraudulent communications;
- Use of email to transmit materials in a manner which violates copyright laws.
3.3 Security and Privacy of Email
Brown attempts to provide secure, private and reliable email services by following sound information technology practices. However,Brown cannot guarantee the security, privacy or reliability of its email service. All email users, therefore, should exercise extreme caution in using Brown email to communicate confidential or sensitive matters.
3.4 Best Practices in Use of Email
Confidential Information
When sending confidential information, it is strongly recommended that the user encrypt the message in an approved method as described in the Data Storage and Transmission section of the document "Guidelines for Safeguarding Information". Users transmitting confidential documents as email attachments must password protect them, or utilize other secure methods as referenced in "Password Protection of Documents".
Viruses and Spyware
Brown email users should be careful not to open unexpected attachments from unknown or even known senders, nor follow web links within an email message unless the user is certain that the link is legitimate. Following a link in an email message executes code, that can also install malicious programs on the workstation.
Identity Theft
Forms sent via email from an unknown sender should never be filled out by following a link. Theft of one's identity can result. More information about the risks of identity theft can be found at Information Security @ Brown: Identity Theft.
Password Protection
Brown's policy requires the use of strong passwords for the protection of email. A strong password should contain digits or punctuation characters as well as letters. The Computing Password Policy contains information on how to choose and maintain compliant passwords.
Departmental Email Boxes
Departments that provide services in response to email requests should create departmental email boxes. Shared mailboxes may help support departmental functional continuity for managing requests sent via email. Further information about this service can be found in the document Sending/Receiving Email for Departmental IDs.
Forwarding Email
Brown email users may choose to have their email delivered to a CIS-managed mailbox or forwarded to another mail repository. However, a non-Brown forwarding address should not be used if there is a reasonable expectation that confidential information will be exchanged. Email is not considered a secure mechanism and should not be used to send information that is not considered public.
Staff email users on an extended absence should create an Out Of Office message, which should include the contact information for another staff member who can respond while the user is away from the office. These procedures are described in section 3 of the document Procedures for Emergency Account and Information Access.
Staying Current
Official University communications such as urgent bulk email, course email, and Morning Mail should be read on a regular basis since those communications may affect day-to-day activities and responsibilities.
4.0 Related Policies and Procedures
The following listing if provided for the purpose of directing users to policies and procedures that are related to use of email, but it is not exhaustive of all university policies and procedures that might have application to email usage.
Acceptable Use
Brown's Electronic Mail Standards
Bulk Email Guidelines
Computing Privileges
Form to Request Privileged Access
Terms of Service for Use of Google Apps for Education
Guidelines for Safeguarding Information
Morning Mail Submission Guidelines
Network Connection
Password Protection of Documents
Procedures for Emergency Account and Information Access
Sending/Receiving Email for Departmental IDs
Questions or comments to: ITPolicy@brown.edu
Interim Policy Effective Date: November 10, 2004
Policy Approved: May 23, 2007