Skip To Content

Search
You are here:  IT-Facilities > IT Policies

 Northern Maine Community College
Information Technology Office
General Procedures

 

Support Location and Hours of Operation

The Information Technology Office can be found just off the main lobby in the A.K. Christie Building.

Office support hours are Monday through Friday from 8:00AM to 4:00PM.

Release of Information

Due to the highly confidential information available to those with network access, it is the policy of the NMCC IT Office to verify a person’s identity before releasing secure information. Users will be asked to present a valid photo ID to receive information such as network or email login credentials. Information will not be given over the phone, by email or to parties requesting it on a user’s behalf.

In addition, this information can only be given to the user in one of three ways:

  1. In person at the NMCC Main Campus in the Information Technology office;
  2. By regular mail, to the address maintained on file in the Registration office;
  3. Through an Off-Campus Center director who will be bound by the same conditions above.

 

General Technology Policy

Use of Northern Maine Community College technology resources are for the sole purpose of delivering the college's mission of research, teaching and learning, and civic engagement as outlined in the MCCS Acceptable Use Policy. Eligible individuals are provided access in order to support their studies, instruction, duties as employees and other official business with the college. Individuals may not share with, or transfer to others, their account information including network IDs, passwords, or other access codes that allow them to gain access to information technology resources.

Technology resources may not be used in a manner that violates the law, for private commercial activities that are not approved by the school, for personal private gain, interference with the fulfillment of an employee’s job responsibilities or activities that are inconsistent with the college's tax-exempt status. Additionally, the acceptable use policy must be adhered to at all times to ensure the network is being used appropriately.

Technology Support

College Owned Computers

The technology staff is responsible for supporting the college-owned computers, telecommunication equipment, controls, networks and network infrastructure. To report a problem, users will be responsible for submitting a work order via the information portal. The technology support staff will respond and take appropriate action once the work order has been submitted.

Non-College Owned Computers

The Information Technology Office may not provide support for personally owned computers and technology.

 The technology support staff members are available for consultation and limited diagnostics if connecting to Northern Maine Community College technologies such as the wireless network and projectors. However, for issues other than those deemed minor by the IT staff, the owner will be directed to the original equipment provider or to local technical support vendors.

Wireless Access

Students, faculty and staff are provided wireless network access for the purpose of accessing network storage, the Internet and other technology resources provided by the College. The campus community will have access to the wireless network using their network ID and password.

The general public and guests of the College will also be afforded an opportunity to access the wireless network. Temporary network accounts will be provided and distributed at the library circulation desk. Users not enrolled at or employed by NMCC will need a driver’s license or two other forms of unique identification to obtain the temporary network ID. These accounts are disabled after seven days and removed from the system one month after issuance.

Minimum system requirements to access the NMCC wireless network:

    * Windows XP Service Pack 2
    * Mac OSX
    * Wireless 54 G adapter
    * The following must be installed, enabled and up to date:
          o Professional Antivirus (Norton, McAfee, Trend-Micro)
          o Personal Firewall (Windows XP, McAfee, Zone Alarm)

Waiver of Liability

The information technology staff ensures that all controllable situations are handled professionally, however, as a user of Northern Maine Community College’s network there are factors that are beyond the College’s control. These factors may include, but are not limited to: theft of unattended equipment, unsecured data transmission, natural disasters, electrical outages or other unforeseen circumstances that may hinder or affect the network, user’s equipment, and other College technology. As a network user, you agree to hold harmless the College, its staff and/or agents for any damages or adverse affects to your equipment resulting from the use of the network, accepting consultation or problem diagnosis by the College’s technology support staff or agents.

Violation of Usage and Support Policies

The use of NMCC network is a privilege, not a right. All students, faculty, staff and general public users are expected to adhere to the Usage and Support Policy along with the Acceptable Use Policy. Inappropriate use may result in a cancellation of those privileges and/or disciplinary action may be taken.
NMCC Acceptable Use Policy for College Information Resources
Primary Goal of Information Resources:

To support and enhance the educational activities of NMCC by providing access to additional resources, both within and external to NMCC and extending the opportunity for collaborative work.

The college encourages the use of college resources for these primary activities. These resources include, but are not limited to, hardware (including telephones, computers, and traditional media equipment) either owned or leased by the college, software, and consulting time (and expertise) of the computer staff.

The use of technology resources provided by the college for endeavors not directly related to enhancing and facilitating teaching, collaborative work, and applied research should be considered as secondary activities. Should such secondary activities in any way interfere with primary activities, they may be terminated or limited immediately.

Many of the technology resources of the college are shared among the entire college community. Everyone using those resources should be considerate of the needs of others and be certain that nothing is done to impede anyone else's ability to use these resources.

Such impediments may include, but are not limited to:

  • activities that obstruct usage or deny access to others
  • activities that compromise privacy
  • activities that harass
  • activities that are libelous
  • attempting to "hack" into any computer either at the College or elsewhere
  • activities that violate copyright laws
  • activities that violate college rules
  • destruction or alteration of data or information belonging to others
  • activities that violate local, state, or federal laws
  • unauthorized use of computer accounts
  • impersonating other individuals
  • creating, using or distributing, virus programs or programs that attempt to explore or exploit network security and/or other vulnerabilities
  • attempts to capture or crack passwords or break encryption protocols
  • allowing anyone else to use any of your account(s)
  • extensive use of resources for private or personal use

Questions or Problems:

The Information Technology Office, instructors, advisors, and supervisors can help clarify this policy or to help you resolve any other problem you encounter in using NMCC computing services and facilities.

Violation of Policy:

Any user who does not adhere to the Acceptable Use Policy(s) for the network(s) that the user is connected to may have his/her access to the NMCC network terminated. The use of NMCC network is a privilege, not a right, and inappropriate use may result in a cancellation of those privileges and/or disciplinary action taken under the MCCS policies and procedures and/or the NMCC Student Code of Conduct.


The NMCC policies recognize and amplify the MCCS Computer Network Acceptable Use Policy.

 MAINE COMMUNITY COLLEGE SYSTEM

GENERAL ADMINISTRATION

Section 203

 

SUBJECT: COMPUTER AND NETWORK USE

PURPOSE: To promote the responsible use of college and System computers and networks

 

As with any college system, the MCCS seeks to enhance opportunities for individual and collaborative learning and research. As a public institution with limited resources and distinct policy and legal obligations, the MCCS also needs to ensure that such uses are consistent with those resources and obligations. The goal of this policy is to balance these interests and promote responsible and secure use for all.

 A. Application

This policy applies to:

1. Each college and other entity of the MCCS;

2. All computing resources owned or operated by the MCCS including, but not limited to, all hardware, software, peripherals, networks, network components, accounts, physical and logical data, e-mail and all other data or information transmitted by such equipment (“computers”);

3. All employees, students and other persons who use such computers (“users”); and

4. In addition to any other computer use policy adopted by entities within the MCCS, and by entities outside the MCCS that operate resources accessed through or from the MCCS.

B. General Rules

1. Educational Priority

The priority use of MCCS computers is to provide direct support for learning, teaching and administration of MCCS programs. Such priority will govern access to MCCS computers.

2. Use is a Privilege, Not a Right

Use of MCCS computers and accounts thereon is a privilege, not a right. This privilege is limited by the provisions of this policy, any other pertinent policy or law, and may be withdrawn for violation thereof.

3. Limited Right of Privacy

Users may not have an expectation of privacy in their use of MCCS computers or networks. For example, the MCCS reserves the following rights:

a. Periodic Network Monitoring

The MCCS reserves the right to monitor periodically, randomly and without notice use rates, patterns, speed and system capacity to ensure the efficiency or integrity of the MCCS network and its computers. Such monitoring may proceed only by a person expressly authorized by the MCCS or college president;

b. Inspection of a Particular Account or Computer

The MCCS reserves the right to inspect those accounts, computers or files that the MCCS has reason to believe are misused, corrupt or damaged. Such inspection may proceed only by a person expressly authorized by the MCCS or college president and as advised by the MCCS general counsel; and

c. Access by Outside Agencies

User accounts, computers or files may also be subject to access in response to subpoenas, court orders, or other legal or regulatory requirements. Users will be notified as promptly as possible, unless notification is precluded by such subpoena or order.

4. Limited Designated Forum

The MCCS computer network constitutes a limited designated forum. This forum is designated for the limited purpose of helping students pursue, faculty to provide, and non-teaching staff to support the colleges’ education, training and related programs.

5. Time, Manner and Place Limitations

The MCCS reserves the right to limit certain uses on or through the MCCS computers at those times and locations that the MCCS determines are necessary to regulate system capacity and speed. These limitations apply, but are not limited to, the downloading of video, music, photographic and other large data files.

6. Website and Webpage Development and Management

Any website, web page or other portion of a website hosted by a server owned, operated or maintained by a college or the MCCS is the property and speech of the MCCS, and the MCCS reserves all rights to control the access to, content of, and all other aspects regarding such web pages or websites. The Presidents Council may adopt a procedure for controlling the development and management of such web pages and websites, including standards controlling links to web pages and/or websites that are not owned, operated or maintained by a college or the MCCS.


C. Specific Prohibitions

Conduct that violates this policy includes, but is not limited to, the following:

  1. Displaying, downloading, printing or distributing obscene, sexually explicit or sexually offensive images or text in a manner that constitutes sexual harassment or other violation of law;
  2. Violating copyright laws, including the unlawful reproduction or dissemination of copyrighted text, images, music, video and other protected materials;
  3. Using System computers for commercial activity, such as selling products or services;
  4. Unauthorized access to or use of a computer, computer account or network;
  5. Connecting unauthorized equipment to a college or MCCS network;
  6. Unauthorized attempts to circumvent data protection or security including, but not limited to, creating or running programs that identify security loopholes or decrypt secure data;
  7. Deliberately or negligently performing an act that will interfere with the regular operation of a computer;
  8. Deliberately or negligently running or installing a program that, by intent or effect, damages a computer, system or network. This includes, but is not limited to, programs known as computer “viruses,” “trojan horses” and “worms;”
  9. Deliberately or negligently wasting computing resources;
  10. Deliberately or negligently overloading computing resources, such as running excessive programs that use relatively substantial bandwidth and other resources. This includes, but is not limited to, peer-to-peer applications;
  11. Violating terms of applicable software licensing agreements;
  12. Using electronic mail to harass or threaten another person or organization;
  13. Initiating or perpetuating electronic chain letters or unauthorized mass mailings. This includes, but is not limited to: multiple mailings to news groups, mailing lists or individuals; “spamming;” “flooding;” and “bombing;”
  14. Misrepresenting or misappropriating the identity of a person or computer in an electronic communication;
  15. Transmitting or reproducing materials that are libelous or defamatory;
  16. Unauthorized monitoring of another user’s electronic communications; or reading, copying, changing or deleting another user’s files or software without authority;
  17. Communications that use public resources to promote partisan political activities;
  18. Communications that are not otherwise protected by law because they constitute, for example, defamation, incitement to unlawful conduct, an imminent threat of actual violence or harm, fighting words, terrorist threats, gross disobedience of legitimate rules, criminal or severe civil harassment or false advertising; and
  19. 19. Otherwise violating existing laws or System policies.


D. Enforcement

Violation of this policy may result in the loss of computing and/or network access; other disciplinary action; and/or appropriate civil or criminal legal action.

 

E. Security

Upon recommendations of the college and System directors of information technology, the Presidents Council shall adopt a procedure that provides adequate uniform security for all System and college computers and networks.

REFERENCES: 20-A M.R.S.A. §12706(1)

DATE ADOPTED: June 24, 2009

 

MAINE COMMUNITY COLLEGE SYSTEM
PROCEDURES MANUAL

GENERAL ADMINISTRATION
Section 203.1

SUBJECT: NOTICE OF RISK TO PERSONAL DATA
PURPOSE: To establish a procedure to provide notice of risk to personal data

I. Introduction
   This Procedure complies with the provisions of the Notice of Risk to Personal Data Act.

II. Definitions
   As used in this Procedure, the following terms have the following meanings:
      A. Breach of System Security
      "Breach of system security" means an:
         1. Unauthorized acquisition of College or System computerized data that compromises the security, confidentiality or integrity of an individual’s personal information maintained on a College or MCCS computer; and/or
         2. Authorized acquisition that is then used for an unauthorized disclosure of such personal information.

      B. Personal Information
      "Personal information" means the following information about an individual when such information is not encrypted or redacted:
            1. First name or first initial; and
            2. Last name; and
            3. Any one or more of the following:
               a. Social security number;
               b. Driver's license number or state identification card number;
               c. Account number, credit card number or debit card number, if such a number could be used without additional identifying information, access codes or passwords;
               d. Account passwords or personal identification numbers or other access codes; or
               e. Any of the data elements contained in paragraphs a through d above when not in connection with the individual's first name, or first initial, and last name, if the information if compromised would be sufficient to permit a person to fraudulently assume or attempt to assume the identity of the person whose information was compromised.

      "Personal information" does not include information available to the general public from federal, state or local government records, widely distributed media, or other lawful source.

      C. Unauthorized Person
      "Unauthorized person" means a person who:
            1. Does not have authority or permission to access such personal information; and/or
            2. Obtains access to such personal information by fraud, misrepresentation or similar deceptive practice.
 
      D. Information Broker
      “Information broker” means any person who, on behalf of a College or the MCCS, maintains computerized data that includes personal information.

III. Duty to Investigate

If an information broker becomes aware of a breach of system security, the information broker shall promptly contact the College and/or MCCS Director of Information Technology. Such Director shall then promptly inform the College President and commence a reasonable and good faith investigation to determine the likelihood that personal information has been or will be misused.

IV. Duty to Notify

If a College and/or MCCS Director of Information Technology determines that it is likely that personal information has been or will be misused as result of a breach, the College or MCCS Director of Information Technology shall provide the following notice.

A. Content of Notice

The notice shall contain the date of the breach; the information believed to be accessed; a summary of the college’s efforts in response to the breach; and a College or MCCS contact who upon request can provide additional information.

B. Recipients of Notice

The above notice shall be provided to:

1. A person whose personal information has been, or is reasonably believed to have been, acquired by an unauthorized person; and
2. The MCCS Director of Information Technology, who in turn shall notify the MCCS President; and
3. The MCCS General Counsel, who in turn shall notify the Maine Attorney General’s Office; and
4. In breaches affecting more than 1,000 persons at a single time, the following consumer reporting agencies shall also be notified:

a. Experian
P.O. Box 2002
Allen, TX 75013-2002
1-888-397-3742

b. Trans Union
P.O. Box 1000
Chester, PA 19022
1-800-888-4213

c. Equifax
P.O. Box 740250
Atlanta, GA 30374-0250
1-800-685-1111

However, the notice to these agencies shall only include the following: date of the breach, an estimate of the number of persons affected by the breach, if known, and the actual or anticipated date that persons were or will be notified of the breach.

C. Timing of Notice

Notice shall be given as expediently as possible once a College and/or MCCS Director of Information Technology determines that it is likely that personal information has been or will be misused as result of a breach. However, such timing shall be determined consistent with any:

1. Known legitimate needs of law enforcement; and
2. Measures necessary to determine the scope of the security breach and restore the reasonable integrity, security and confidentiality of the data in the system.

D. Means of Notice

Notice shall be by U.S. Mail to last known address. If, however, the cost of providing such notice would exceed $5,000, or if the number of persons to receive notice exceeds 1,000, or if the College and System does not have such an address, the following notice may be given instead:

1. E-mail notice to those whose email addresses are known; and
2. Conspicuous posting of the notice on the College’s or System’s publicly accessible website; and
3. Notification to major statewide media.

V. Complete Copy of the Law

For a complete copy of the Maine law governing this subject, see 10 MRSA §§1346-50-A available at http://janus.state.me.us/legis/statutes/10/title10ch210-B.rtf.


REFERENCES: 10 M.R.S.A. §§1346-50-A
DATE ADOPTED: January 24, 2007
DATE(S) AMENDED: January 26, 2010
MAINE COMMUNITY COLLEGE SYSTEM
 
GENERAL ADMINISTRATION
Section 203.2
 
SUBJECT: INFORMATION PRACTICES
PURPOSE: To provide notice of MCCS practices regarding personal information exchanged on MCCS
                     websites
 
A. Website Privacy Policy
 
The System and Colleges shall provide website notices regarding personal information exchanged on MCCS websites that comply substantially with the form set forth below.
 
B. Model Notice
 
   1. Typical Web Site Usage  
  • “You can visit our website to obtain information without telling us who you are and without revealing any personal information. The only information we collect and store during this type of normal use is the name of your Internet Service Provider, the website that referred you to us, the pages you request, and the date and time of those requests. This information is used to help us analyze trends and improve our site. When you use the website in this way, we do not collect or store personally identifiable information such as your name, mailing address, e-mail address, or phone number unless you have requested specific information through one of our on-line forms or have filled out one of our surveys.”
 
    2. Collection of Personally Identifiable Information 
  • “If you choose to provide personally identifiable information to us when using this site -- through a form, survey, or other type of correspondence -- the information is collected and stored in a manner appropriate to the nature of the data and is used to fulfill your request. Unless required to do so by the Maine Freedom of Access Act (FOAA), we do not share or otherwise disclose to other organizations or third parties the personal information you may have chosen to provide as a user of this site.”
 
   3. Links to Non-MCCS Sites
  • “This site contains content and other materials that link to web sites operated by third parties. We have no control over those sites and this Privacy Policy does not apply to them. You are encouraged to review the privacy policies of those other sites.”
 
REFERENCES: 20-A M.R.S.A. §12706 (1); and 1 M.R.S.A. §542
DATE ADOPTED: February 26, 2013
DATE(S) AMENDED:
NEARnet Network ACCEPTABLE USE POLICY

This statement represents a guide to the acceptable use of the NEARnet network for data communications. It is only intended to address the issue of NEARnet network use. In those cases where data communications are carried across other regional networks or the Internet, NEARnet network users are advised that acceptable use policies of those other networks apply and may limit use.

Member organizations are expected to inform their users of both the NEARnet network and the NSFNET acceptable use policies.

D.-I NEARnet Network Primary Goals

D. 1. 1 The NEARnet network has been established to enhance educational and research activities, and to promote regional and national innovation and competitiveness. The NEARnet network provides access to regional and national resources to Members, and access to regional resources from organizations throughout the United States and the world.
P>D-2 NEARnet Network Acceptable Use Policy

D.2.1 All use of the NEARnet network must be consistent with NEARnet's primary goals.

D2.2 It is not acceptable to use the NEARnet network for illegal purposes.

D.2.3 It is not acceptable to use the NEARnet network to transmit threatening, obscene, or harassing materials.

D.2.4 It is not acceptable to use the NEARnet network so as to interfere with or disrupt network users, services or equipment. Disruptions include, but are not limited to, distribution of unsolicited advertising

propagation of computer worms and viruses, and using the network to make unauthorized entry to any other machine accessible via the network

D.2.5 It is assumed that information and resources accessible via the NEARnet network are private to the individuals and organizations which own or hold rights to those resources and information unless specifically stated otherwise by the owners or holders of rights. It is therefore not acceptable for an individual to use the NEARnet network to access information or resources unless permission to do so has been granted by the owners or holders of rights to those resources or information.

D.3 Violation of Policy

D.3.1 BBNTSI will review alleged violations of Acceptable Use Policy on a case-by-case basis. Clear violations of policy which are not promptly remedied by Member organization may result in termination of that Member's access to the NEARnet network and related services.

Your local Time Warner Cable affiliated cable operator ("Operator") seeks to create and foster an on-line community that can be used and enjoyed by all its cable modem customers across all ISPs offered by Operator. To further that goal, Operator has developed an Acceptable Use Policy. Although much of what is included here is common sense, Operator takes these issues very seriously and will enforce its rules to ensure enjoyment by all of its members. Operator reserves the right to suspend or cancel a subscriber's account for engaging in inappropriate conduct.(Subscribers, of course, also remain legally responsible for any such acts.) In using the services of any ISP as provided over Operator's cable network (the "ISP Service"), subscribers accept this non-exhaustive list of restrictions as well as those set forth in Operator's Cable Modem Subscription Agreement and agree to use the ISP Service only for lawful purposes and not to use or allow others to use the ISP Service in violation of the following guidelines:

  • Unless you have specifically subscribed for commercial grade service, the ISP Service is provided to you for personal, non-commercial use only. The service cannot be used for any enterprise purpose whatsoever whether or not the enterprise is directed toward making a profit. If it is your intention to use this service for these purposes, please contact Operator to inquire whether commercial grade service programs are available.

  • The ISP Service may not be used to engage in any conduct that interferes with Operator's ability to provide service to others, including the use of excessive bandwidth.

  • The ISP Service may not be used in a manner that interferes with Operator's efficient operation of its facilities, the provision of services or the ability of others to utilize the ISP Service in a reasonable manner. Operator may use various tools and techniques in order to efficiently manage its networks and to ensure compliance with this Acceptable Use Policy (“Network Management Tools”). These may include detecting malicious traffic patterns and preventing the distribution of viruses or other malicious code, limiting the number of peer-to-peer sessions a user can conduct at the same time, limiting the aggregate bandwidth available for certain usage protocols such as peer-to-peer and newsgroups and such other Network Management Tools as Operator may from time to time determine appropriate.

  • The ISP Service may not be used to breach or attempt to breach the security, the computer, the software or the data of any person or entity, including Operator, to circumvent the user authentication features or security of any host, network or account, to use or distribute tools designed to compromise security, or to interfere with another's use of the ISP Service through the posting or transmitting of a virus or other harmful item to deliberately overload or flood that entity's system.

  • In using the ISP Service, you may not use an IP address or client ID not assigned to you, forge any TCP/IP packet header or any part of the header information in an e-mail or newsgroup posting or probe, scan or test the vulnerability of any system or network by the use of sniffers, SNMP tools or any other method.

  • The ISP Service may not be used to post or transmit content that violates child pornography statutes or contains graphic visual depictions of sexual acts or sexually explicit conduct involving children, or other depictions of children, the primary appeal of which is prurient. Complaints regarding the posting, distribution, or availability of child pornographic material should be submitted to childporncomplaints@rr.com.

  • The ISP Service may not be used to upload, post, transmit or otherwise make available any materials or content that violate or infringe on the rights or dignity of others.  These include, but are not limited to, materials infringing or compromising intellectual property rights or the ability to maintain trade secrets and other personal information as private; the ability to avoid hate speech; threats of physical violence; harassing conduct; sexually oriented material that is offensive or inappropriate; and unsolicited bulk e-mail.

  • The ISP Service may not be used to engage in or foster any consumer fraud such as illegal gambling, “Make Money Fast” schemes, chain letters, Pyramid, or other investment schemes, or to make or encourage people to accept fraudulent offers by e-mail, USENET or other means, of products, items or services, originating from your account, or through a third party which implicates your account or to post or transmit off-topic or commercial messages on bulletin boards.

You may not engage in any of the above activities using the service of another ISP, while channeling such activities through your ISP Service account or using this account as a mail drop for responses.

NSFNET BACKBONE ACCEPTABLE USE POLICY

GENERAL PRINCIPLE:

(1) NSFNET Backbone services are provided to support open research and education in and among US

research and instructional institutions, plus research arms of for-profit firms when engaged in open scholarly communication and research. Use for other purposes is not acceptable.

SPECIFICALLY ACCEPTABLE USES:

(2) Communication with foreign researchers and educators in connection with research or instruction, as long as any network that the foreign user employs for such communication provides reciprocal access to US researchers and educators.

(3) Communication and exchange for professional development, to maintain currency, or to debate issues in a field or subfield of knowledge.

(4) Use for disciplinary-society, university-association, government-advisory, or standards activities related to the user's research and instructional activities.

(5) Use in applying for or administering grants or contracts for research or instruction, but not for other fundraising or public relations activities.

(6) Any other administrative communications or activities in direct support of research and instruction.

(7) Announcements of new products or services for use in research or instruction, but not advertising of any kind.

(8) Any traffic originating from a network of another member agency of the Federal Networking Council if the traffic meets the acceptable use policy of that agency.

(9) Communication incidental to otherwise acceptable use, except for illegal or specifically unacceptable use.

UNACCEPTABLE USES:

(10) Use for for-profit activities (consulting for pay, sales or administration of campus stores, sale of tickets to sports events, and so on), or use by for-profit institutions unless covered by the General Principle or as a specifically acceptable use.

(11) Extensive use for private or personal business.

This statement applies to use of the NSFNET Backbone only. NSF expects that connecting networks will formulate their own use policies. The NSF Division of networking and Communications Research and Infrastructure will resolve any questions about this Policy or its interpretation.
Spring 2017
Presque Isle, Maine 04769
Department of Information Technologies
Information Technologies Inventory Procedure

New & Existing Computer Equipment:
  • Copy the Open Audit command files to the root of the hard drive.
  • Open Audit can be found on the N: drive;
  • n:\oa\audit.cmd
  • n:\oa\audit_windows.vbs
  • Make sure the computer has an internet connection.
  • Run audit.cmd from the root of the hard drive.
  • Once audit is complete, Open Audit will automatically add the computer to inventory and close the program, completing the inventory audit.
  • Add the computers physical location to the description box in the location section of Open Audit.
  • http://openaudit.nmcc.edu/

Updating Computer Inventory:
  • Make sure the computer has an internet connection.
  • Run audit.cmd from the root of the hard drive.
  • Most machines will auto run Open Audit when a member of the IT Department logs into them.
  • Once audit is complete, Open Audit will automatically update the computer information to inventory and close the program, completing the update process.

Projectors, Elmo’s and other "IT" Devices
  • All projectors and Elmo’s need to be inventoried and stickered that are already in use.
  • New Projectors and Elmo’s need to be inventoried and stickered before being put into use.
  • All projectors and Elmo’s, new and existing need to be put into Open Audit for inventory management.

Projector & Elmo Maintenance
  • Every semester all projectors need to be cleaned and checked to be working properly.
  • A member of the IT department will record the hours of use on the lamp in each projector every semester as well as replacing those that need to be replaced.
  • Every semester all Elmo’s need to be cleaned and checked to be working properly.
  • All projectors and Elmo’s need to be checked to be in the same location, as reported in the Open Audit inventory.
  • All cables and remotes need to be checked for breaks and proper operation.

Labeling Equipment:
  • The label will be a QR Code.
  • Under the QR code will be the location and inventory number assigned by Open Audit.
  • Ex: Martin 210 OA 154

Moving Equipment:
When computers or electronics labeled as inventory need to be moved to a different location on campus a member of the IT department needs to be consulted so proper changes in inventory location can be made if equipment move is to be permanent.
Northern Maine Community College Technology Replacement and Upgrade
2018

 

Adequate computer and network hardware and software are essential to the delivery of instruction, student learning, research and creative activities, and to the efficient and effective management of the institution. Rapid changes in technology require that a well-managed college have a systematic plan for upgrading and replacing technology to ensure that it offers access to the most basic services.

This document defines Northern Maine Community College's (NMCC) replacements of all NMCC-owned technology equipment at the end of its life cycle and upgrades of institution-wide software.

This documents the practices currently in use.

SCOPE 

This document applies to all NMCC-owned workstations, laptop computers, desktop peripherals (printers, scanners, projectors, and interactive whiteboards), network hardware (servers, switches, routers, bridges, and other key network devices), cable plant and physical infrastructure, and the institution-wide software (Microsoft Operating System, Microsoft Office Suite, Jenzabar, SPSS, and other site-licensed desktop applications) running on those devices.

 

ROLES AND RESPONSIBILITIES  

Administration/Department Heads - Each department head is responsible for identifying any replacements/upgrades necessary to ensure an employee can effectively perform his/her job duties.

 

Information Technology Department – This group is responsible for generating and monitoring inventories, budgeting for replacements and upgrades and executing equipment replacements and upgrades to institution-wide software on an as needed basis. This group also makes technical decisions on equipment and software standards and upgrades and replacements based on industry trends, software development cycles, costs and risks to systems stability.

 

STATEMENT 

Northern Maine Community College will maintain modern computer and network hardware and software capable of supporting its educational and business activities.


To accomplish this, technology hardware will be budgeted for replacement through the department requesting the equipment’s budget and evaluated by the IT department according to the schedule below.

 

Category

Description

Replacement Timeframe

High-performance Servers

This category encompasses all high- performance and high-use servers. These servers perform mission critical activities and/or provide access to critical services daily.

 

 

On an as needed basis

Laptop Computers

This category encompasses all laptop systems and includes all associated docking stations and monitors as a single unit.

 

On an as needed basis

Workstation Computers

This category encompasses all desktop computer systems and includes the CPU and monitor as a single combined unit.

 

On an as needed basis

General Use Servers

This category encompasses all servers not classified as "high-performance". These servers provide mission-essential services and perform activities supporting the academic, service and business goals of the institution.

 

 

On an as needed basis

Network Hardware

Network hardware includes repeaters, routers, switches, bridges, access points and other communication devices.

 

On an as needed basis

Desktop Peripherals

Desktop peripherals include printers, scanners, projectors, and interactive whiteboards.

 

On an as needed basis

Cable Plant and Physical Infrastructure

The copper and fiber optic wires that connect data/information stations together and comprise the network infrastructure are the components identified in this last category.

 

On an as needed basis

 

Software Upgrades

Related to software, all systems should be running the current version or most recent prior (current -2) version of manufacturer-released software packages. If a college-owned system is found to be running an older version (current -2 or older) of any institution-wide software package (Microsoft Operating System, Microsoft Office Suite, Jenzabar, SPSS, or other site-licensed desktop application), it will be upgraded to the most recent version as soon as possible.

 

Replacement Requirements

All replacements will adhere to a single standard for each equipment type. Departments must surrender a like device (computer, peripheral, etc.) for each device replaced. Departments may not repurpose existing devices to expand the number of technology devices supported. All enhancements to or changes from the standard resulting in a cost-higher than that of the standard will be charged to the requesting department’s budget.

 

If a department keeps or maintains any special-purpose software or peripherals, they must be compatible with the new equipment and all institution-wide software packages. Otherwise, the department is required to purchase the software or peripheral upgrade.

DISASTER RECOVERY PLAN

 

Northern Maine Community College

Computing and Information Technology

33 Edgemont Drive

Presque Isle ME 04769

Updated 2017

 

 

Because of the sensitive nature of this document, some information has not been included with the plan.  That information is kept with the Information Technology Staff.  It is requested that you do not discuss the details contained in it with persons that do not have “the need to know.” 


 

Table of Contents

 

1.0          Introduction

1.1          Authority

1.2          Distribution

2.0          Basic Recovery Plan Requirements

2.1          Disaster Recovery Team

2.2          Offsite Storage of System Backup Disks

2.3          Backup Facilities (hot site)

3.0          Recovery Plans

3.1          Disaster Preparation

3.2          Emergency Response

3.3          Recovery Procedures

3.3.1      Recovery Time Table

4.0          Disaster Recovery Plan Review

5.0          Appendices

A.                  Disaster Recovery Team Members

B.                  Vendor Contracts and Insurance Information

C.                  Backup Schedules

D.                  Computer Room Equipment List

E.                   Computing and Information Technology Staff


 

1.0  Introduction

The personnel, equipment, software systems, and databases which comprise Computing and Information Technology are necessary in order for the College to function in an effective manner.  The purpose of this plan is to provide guidance in recovering from any disaster which might befall these to minimize downtime and to assist users in accommodating their critical processing requirements.

 

1.1  Authority

The decision to implement disaster recovery procedures is the responsibility of the Dean of Technology & Facilities or his designee.

The Disaster Recovery Team will convene as soon as possible after a disaster has occurred to assess damages and make recommendations to the Dean of Technology & Facilities.

 

1.2  Distribution

This plan will be distributed to and used by those persons responsible for its implementation and operation.  These individuals are identified in Appendix A.  This document will be maintained and updated by the Information Systems Department whenever significant changes occur.

 

2.0  Basic Recovery Plan Requirements

The basic requirements for the Recovery plan are as follows:

A.      Disaster recovery team.

B.      Disaster recovery documentation.

C.      Backup computer facilities (hot site).

 

2.1  Disaster Recovery Team

The Disaster Recovery Team (see Appendix A) has been established and organized to assess the damage to the computer facility, to control and coordinate recovery/backup actions, and to make recommendations to the Dean of Technology & Facilities.  The team will consist of a cross section of persons responsible for one or more of the following functions:

A.      Recovery Administration

1.       insurance notification

2.       supplies

3.       organization

B.      Systems software

C.      Application software

D.      Communications

E.       Operations

F.       Facilities

G.      Hardware

The Dean of Technology & Facilities serves as the Chair.  The disaster recovery team shall meet every six months to discuss the current document and make recommendations for changes to it.  All changes must be submitted in writing to the team and agreed upon by the majority before they become part of the document with final review and approval by the management team.  It is the responsibility of the Chair to make the necessary changes and distribute the new document to the appropriate persons.

In the event of a disaster or major failure, the team should convene with as many team members as possible.  All members of the team should assess damages and report to the Chair at the earliest opportunity.

 

2.2 Offsite Storage of System Backup Disks

In the event that disaster befalls the current location of the computers, having backup disks stored off site is critical.  The most current full system backup and the year-end backup should be stored far enough away from the computer room to be safe in the case of fire or flood.  Far off site storage has been designated as a fireproof data safe located with the Manager of Information Systems and Energy.

 

All servers located on the NMCC campus are scheduled for back up at different run times from daily to monthly depending on the server [see Appendix C]. All MS and MY SQL databases are backed up on multiple servers daily as well as manually copied to usb drives on a 10-drive rotation and kept off site with the Manager of Energy and Information Systems.

 

2.3 Backup Facilities (hot site)

In case of fire or natural disaster it may become necessary to move the computer room to a backup location or hot site.  The location currently designated is in the Common Building.  This site has been selected because the network hub is to be located there.  Recreating network functions would be facilitated by this location.

 

We are exploring all options including utilizing EMCC as a hot site location and will revisit this topic on a yearly basis.

 

 

3.0  Recovery Plans

Several recovery plans have been identified, depending upon circumstances.

A.      Disaster Preparation.  Being ready and planning ahead is the easiest way to be sure we can quickly and fully recover from a disaster.

B.      Emergency Response.  These are the first actions taken in an emergency situation, designed to bring the computer systems back to operation, even if not at full capacity or in a degraded state.

C.      Recovery Procedures.  These are the procedures designed to return the computer systems back to a fully operational state, including bringing up the hot site.

 

3.1  Disaster Preparation

This section outlines the minimum steps needed to insure we can fully recover from a disaster.

A.      The disaster plan must be kept current and all of the personnel on the recovery team must be made aware of any changes.

B.      Current copies of the insurance information and the replacement documents for systems should be and are included in this document.

C.      The offsite storage area should be inspected periodically to insure it is clean, organized and that the correct backups are in storage.

D.      The fire fighting system in the computer room should be inspected regularly.

E.       As many department heads as possible should be aware of the consequences of a disaster and what they can do while recovery is in progress.

F.       The safety department should have the telephone numbers of pertinent persons to contact in the case of an emergency occurring during off hours.

G.      Procedures and lead times for replacement equipment and communications should be established.

H.      All computing personnel should be informed of the proper emergency and evacuation procedures.

I.         Procedures for informing user community should be established.

In the event that there is warning of impending disaster, e.g. potential flood situations, tornadic activity in the immediate area, fire or potential building damage, the following steps should be taken.

A.      Notice should be given to as many recovery team members as possible.  (see Appendix A)

B.      The Dean of Technology & Facilities should be briefed and a decision should be made whether to shut down the systems.

C.      The recovery team should convene and review whatever actions may be necessary.

 

3.2 Emergency Response

This section details the basic actions that need to be taken in the event of a disaster situation.

A.      The Dean of Technology & Facilities or his assignee should be notified as soon as possible.

B.      The disaster recovery team should be notified and assembled as soon as reasonable under circumstances.

C.      Team members should assess damages to their individual areas of expertise.

D.      Team members should advise the Dean of Technology & Facilities as to the extent of damage and recovery procedures necessary so that the decision to move the computer center can be made after the assessment of the damage done to current facility.

E.       Pertinent vendors should be contacted and negotiations should be made for the delivery of equipment, delivery time should be noted.  (see Appendix B)

F.       All Department heads should be informed of the decision and given an estimated time to return to either full or degraded service.

G.      Each member of the disaster recovery team should supervise their own area of expertise.

H.      The computer facility should be secured.

 

3.3 Recovery Procedures

Recovery from a complete failure to a degraded mode of service may be necessary.  In this case it may be possible to bring up individual departments on a pirouette basis.

The decision to operate in a degraded mode and the order in which departments are to be brought back into service should be made by the Dean of Technology & Facilities in consultation with team members.

If it is decided to transfer the computer to the hot site located at the Commons Building:

A.      It is assumed that the basic emergency procedures have been followed as detailed in section 3.2.

B.      An inventory of the status of existing equipment and files should be compiled.

C.      The Dean of Technology & Facilities should coordinate the move.

D.      Vendors should be contacted to initiate delivery of replacement equipment to the hot site.  At this time, estimated time of delivery should be noted.  (see Appendix B)

E.       A new offsite (backup) storage facility should be located and used immediately.

F.       All facility systems should be verified operational at this time.

G.      Systems should be tested and loaded as soon as the vendors release them to the college.

H.      Communications, networking, operations and applications software personnel should be prepared to install and or setup their individual function in the appropriate order.

I.         Department heads should be made aware of progress and or setbacks on a regular basis.

J.        Existing safety and emergency procedures at the backup facility should be examined for their adequacy as a computer room.

 

3.3.1 Recovery Timetable

The following timetable does not take into account the amount of time required to input data held on hardcopy during the recovery period, or re-inputting data which may have been lost during recovery.

Day 1                 Convene the disaster recovery team and assess damages, contact vendors, discuss options.

Day 2-4             Take delivery and setup new equipment.  Determine priority of data processing.

Day 5-6             Restore programs and data, test integrity of programs and data.  Begin restoring communications and networking capabilities.

Day 7                 Restore partial operation to priority departments.

Day 8-14           Restore full communications and networking capabilities.  Work with departments to verify data and operation of applications.

 

4.0 Disaster Recovery Plan Review

The following steps will be taken to insure that the Disaster Recovery Plan is current, feasible and effective:

A.      Every six months (in March and in September) the Disaster Recovery Team will be convened to review the Plan and Appendices.  Updates or revisions will be made at this time.

B.      The Dean of Technology & Facilities will subject the contents of the off-site disaster backup tape storage to unannounced periodic audits.  Results of the audit will be documented and filed with the Disaster Recovery Plan addenda materials.


 

5.0 Appendices

Appendix A

Disaster Recovery Team Members

 

Barry Ingraham

Dean of Technology and Facilities

33 Edgemont Drive

Presque Isle, ME 04769

Michael Williams

Director of Finance

33 Edgemont Drive

Presque Isle, ME 04769

Betsy Harris

Registrar

33 Edgemont Drive

Presque Isle, ME 04769

Bill Egeler

Dean of Students

33 Edgemont Drive

Presque Isle, ME 04769

Robert Smith

Manager of Energy and Information Systems

33 Edgemont Drive

Presque Isle, ME 04769

David Wyman

Senior Programmer Analyst

33 Edgemont Drive

Presque Isle, ME 04769

 

 

 

 

 

 

 

Appendix B

Vendor Contracts and Insurance Information

 

HP

VMware

APC

Tripp lite

Sophos

State of Maine Risk Management (Insurance)

Microsoft


Appendix C (Not attached.  Information Technology Staff have the current information.)

Backup Schedules

<-[if supportFields]>

 


Appendix D (Not attached.  Information Technology Staff have the current information.)

Computer Room Equipment List

 


 

Appendix E

Computing and Information Technology Staff

Barry Ingraham

Dean of Technology and Facilities

33 Edgemont Drive

Presque Isle, ME 04769

Robert Smith

Manager of Energy and Information Systems

33 Edgemont Drive

Presque Isle, ME 04769

David Wyman

Senior Programmer Analyst

33 Edgemont Drive

Presque Isle, ME 04769

Jarrod Flanders

Systems Specialist II

33 Edgemont Drive

Presque Isle, ME 04769

Christopher Perry

Systems Specialist I

33 Edgemont Drive

Presque Isle, ME 04769

Courtney Cyr

Administrative Coordinator

33 Edgemont Drive

Presque Isle, ME 04769

 

-->