Return to Table of Contents
NUMBER: 870
SUBJECT: SOFTWARE REGULATIONS
AUTHORIZING BODY: VICE PRESIDENT FOR ACADEMIC AFFAIRS AND PROVOST
RESPONSIBLE OFFICE: UNIVERSITY TECHNOLOGY SERVICES
DATE ISSUED: SEPTEMBER 1987
LAST UPDATE: MAY 2006
RATIONALE:
Oakland University (“University”) licenses numerous software programs for its own use. The University enters into a license agreement with the owner of each software program pursuant to which the University assumes certain legally binding obligations which must be followed by its employees. This policy seeks to reduce University exposure in critical areas, improve vendor accountability, and assure software use in compliance with license restrictions and copyright.
POLICY:
University Software must be acquired using standard University purchasing procedures. If entering into a Software licensing agreement, the agreement must be reviewed by the Office of Purchasing and Risk Management prior to purchase. If Software is intended for installation on a server, is intended to process or handle confidential data as defined in University policy #860 Information Security, is intended for shared use in the University enterprise, or is intended to have broad access over the University network, the purchase must be reviewed by University Technology Services prior to purchase.
All University employees and users of University-licensed Software shall use the Software only in accordance with the license agreement. The University does not allow the installation of any Software without a valid license on University Information Technology Resources.
DEFINITIONS:
a. Information Technology Resources
Information Technology Resources includes without limitation, desktops, laptops, workstations, servers, appliances, application or hosting service provider services (ASPs), network devices, and any other hardware that makes possible the transmission, storage or use of Software.
b. Software
Software means electronically stored computer instructions, operating systems, utilities, applications and related documentation.
SCOPE AND APPLICABILITY:
This policy is applicable to all persons utilizing Software installed on any University Information Technology Resources. This policy also applies to all situations where University funds are used for Software purchase, either centrally or departmentally.
PROCEDURES:
1. SOFTWARE ACQUISITION
The University will make every effort to centrally fund Software that will either: (1) be adopted as a University-wide standard; (2) be integral to the University’s technology infrastructure; (3) be implemented as part of a University initiative; or (4) allow the University to realize economies of scale. Every effort will be made to avoid duplicative Software purchases.
2. SOFTWARE LICENSE USE
University use of Software shall be in compliance with the license agreement. No University employee shall violate the terms of a license agreement. Transferring possession of any copy, modification or merged portion of any licensed Software, whether gratuitously or for gain, shall be a violation of this policy and is prohibited by the University. Such conduct may also violate state and federal law.
University employees who make, acquire, or use unauthorized copies of computer Software or otherwise violate this policy shall be subject to discipline in accordance with University policy and may also be subject to personal liability.
Personally owned Software may be installed on University Information Technology Resources if the individual owner maintains a valid copy of the license with the device (i.e., a valid copy of the license must be kept with the computer). If an individual cannot produce a valid license upon request, the Software must be removed.
Software may not be installed on any University server without a valid license that allows for server installation and shared use of the Software.
Software licensed by the University may not be installed on any device other than the device specified on the license.
The Office of Purchasing and Risk Management must provide advance review and approval of contracts, purchase agreements and licenses for the acquisition of Software that either (1) costs $2,500 or more, (2) requires a site license or site license agreement, or (3) handles Confidential Data, as defined in University Policy #860 Information Security. A University employee may acquire Software without the involvement of the Office of Purchasing and Risk Management, if the Software costs $2,500 or less, does not require a site license, and does not handle Confidential Data. However, the University employee purchasing such Software shall be individually responsible for understanding and complying with the terms of any applicable Software license or other agreement, regardless of whether the license or agreement appears in paper, electronic, click-wrap, shrink-wrap, or any other form.
3. SOFTWARE MANAGEMENT
Software is intended for the use specifically authorized in the applicable Software license agreements and remains the intellectual property of the owner and is protected by copyright or patent.
Each Software license will have documented rules for appropriate installation and use, and metrics for payment for such use. Metrics may include seat count, named user list, installation count, processor count, University enrollment data, fixed monthly fee, site license or a variety of other metrics depending on the Software, the category of Software and the vendor. The University department or unit acquiring Software is responsible for verifying appropriate installation and use of the Software and for maintaining documented records in support of the required metrics.
4. OPERATIONS
Software installations cannot impair the operation of University network and servers. Software installations may also have risks for desktops, causing slow or unreliable performance. If found to be in conflict with University educational, business, network or server operations, Software will be removed, or the hardware running the Software will be disconnected from or otherwise blocked from network connectivity, in compliance with policies #850 Network Policy and #890 Use of Information Technology Resources.
5. RESPONSIBILITY
The responsibility for complying with this policy rests with each employee. Employees shall report any violations to their unit supervisors. Unit supervisors shall report violators for appropriate investigation and discipline. The individual with signing authority for purchase of Software, or that individual’s designee, is responsible for understanding the license installation, license use metrics, vendor management, and the ongoing verification of license compliance. Violations will be sanctioned according to University policy, including without limitation, #890 Use of University Information Technology Resources.
RELATED POLICIES
The use of Software generally requires strong systems administration, and systems must be administered in compliance with University policy #880 System Administration Responsibilities. Data used in conjunction with Software must be controlled and managed in compliance with University policy #860 Information Security. Installation of Software to be used on the University network must be compliant with policy #850 Network Policy. Software used on University Information Technology Resources must comply with policy #890 Use of Information Technology Resources.