Use of Brown Information Technology Resources and Data is contingent upon Users of such resources abiding by the following standards of behavior:

• Users must adhere to the Brown University Code of Conduct and the Code of Student Conduct, as well as all Brown University policies, standards, procedures, and guidelines.
• Users must adhere to applicable federal and state laws and regulations, Brown University contractual agreements, licensing agreements, third-party copyrights, patents, trademarks, and software license agreements.
• Users may only use those Information Technology Resources and Data that they have been authorized to use and may use them only to the extent authorized and in a manner that is consistent with the mission and values of Brown University.
• Users may not circumvent, bypass, or impede security measures, requirements, or any standard protocols in place to ensure the confidentiality, integrity, and availability of Brown University Information Technology Resources and Data.
• Users must respect the rights and privacy of all Brown University Information Technology Resource Users.
• Users may not use Information Technology Resources in any manner that risks Brown University’s 501(c)(3) non-profit status.
• Users may not use Information Technology Resources for personal commercial purposes of personal financial or other gain.
• Users must refrain from disproportionate uses of Information Technology Resources that have the likelihood of consuming an unreasonable amount of resources, disrupting the intended use of these resources, or impinging the access of others.

Users of Information Technology Resources are responsible for the content of their individual communications and may be subject to personal liability resulting from that use. Brown University accepts no responsibility or liability for any individual or unauthorized use of Information Technology Resources by Users.

Incidental personal use of Brown University Information Technology Resources is allowed, provided such use does not:

• Unreasonably interfere with the use of Information Technology Resources by other Users, or with Brown University’s operation of Information Technology Resources.
• Interfere with the User’s employment or other obligations to Brown University.
• Circumvent or compromise any measures put into place by the Brown University Information Security Program.
• Violate any applicable laws or regulations.
• Violate this or other applicable Brown University policies, standards, procedures, or guidelines.

Users are responsible for following this policy and the standards of behavior listed in this policy when using personally owned devices for accessing Brown University Information Technology Resources and Data. Users must also comply with all other Brown University policies, standards, procedures, and guidelines governing the type of device and the type of Data involved. In addition, Users must implement the Brown University Minimum Security Standards for Desktop, Laptop, Mobile, and Other Endpoint Devices on any personally owned devices used to access Brown University Information Technology Resources and Data.

In addition, Users have no expectation of privacy regarding any Brown Data residing on personally owned devices, regardless of the reasons Brown Data was placed on the personal device. In some cases, such as to comply with applicable federal and state laws and regulations, Brown policies, or Brown contractual agreements, or to gather information related to investigations or pending or potential litigation, the University may be required to request that a User turn over or provide appropriate access to Brown Data on the User's personally owned device. In such instances, and for the University to carry out its obligations, authorized personnel may access the entirety of the device, search it using specialized software configured with appropriately tailored criteria, review the information found by the search, and disclose relevant portions to University officials who are duly authorized to receive it.

Brown University Information Technology Resources and Brown Data are the private property of Brown University. The normal operation and maintenance of Brown’s Information Technology Resources require Data integration between systems, backup and caching of Data, the logging of activity, automated monitoring of general usage patterns, the use of Data protection technologies, and the use of other technologies to ensure the proper operation, preservation, and protection of Brown Information Technology Resources and Data. Brown University has the right, without prior notice, to monitor, access, preserve, disclose, and secure the custody of its Information Technology Resources and any data created as a result of the operation and use of Brown Information Technology Resources or otherwise transmitted through Brown Information Technology Resources. For these reasons, Users have no presumption of privacy concerning Data stored on or processed by Brown Information Technology Resources.

Nonetheless, Brown University respects the reasonable privacy expectations of its students, faculty, and staff in their use of Brown University Information Technology Resources in the interest of promoting intellectual and academic freedom and an open, collegial atmosphere. Brown University staff members responsible for the operation of Information Technology Resources do not routinely monitor the content of user Data stored or communicated using Information Technology Resources as part of these operational duties. Access and disclosure of such data is only permitted in accordance with Brown University Electronic Information Policy.

Brown University makes no warranties of any kind, whether expressed or implied, concerning the Information Technology Resources that it provides. Brown University is not responsible for damages resulting from the use of Information Technology Resources, including but not limited to loss of Data resulting from delays, non-deliveries, missed deliveries, service interruptions caused by the negligence of a Brown University employee, or by any User’s error or omission. Brown University specifically denies any responsibility for the accuracy or quality of information obtained through Information Technology Resources, except material that is presented as an official record of Brown University.

• ​​​​​​Brown University Code of Student Conduct
• Email Policy
• Network Connection Policy
• Passwords Policy

• Electronic Information Access Policy

• N/A

• N/A

• Report a Brown Security Incident 
• Minimum Security Standards for Servers
• Minimum Security Standards for Desktop, Laptop, Mobile, and Other Endpoint Devices