Resources

Effective Date: 11/07/2023
Last Revision: 11/01/2013

Select employees of Fairleigh Dickinson University may be required to engage with confidential University data. The FDU Confidentiality Agreement and Security Policy defines your obligations under Federal and State guidelines to preserve the security and confidentiality of this information.

Confidentiality Agreement and Security Policy

Fairleigh Dickinson University regards the security and confidentiality of data and information to be of utmost importance. Each individual granted access to electronic and/or hard copy data holds a position of trust and must preserve the security and confidentiality of the information to which he/she is granted access to. Therefore, it is the intent of this policy to ensure that University data, in any format, is not divulged outside of Fairleigh Dickinson University without explicit approval to do so by an Associate Vice-President of the University or higher who has responsibility for the data in question. As such, the University requires all users of data to follow the procedures outlined below:

Policy on Confidential Information

Users of University data are required to abide by all applicable Federal and State guidelines and University policies regarding confidentiality of data, including the Family Education Rights and Privacy Act (“FERPA”) and, as applicable, The Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). For more information, see: FDU’s General Confidentiality Policy, FERPA and HIPAA. 

Confidential Information shall be defined as:

• regarding student, faculty or staff: any personally-identifiable records, financial records (including social security and credit card numbers), health records; contracts, research data; alumni and donor records; personnel records other than an individual’s own personnel record; 

• regarding the University: University financial data; computer and system passwords, University issued PINS, University proprietary information/data; and 

• any other information for which access, use, or disclosure is not authorized by: 1) federal, state, or local law; or 2) University policy.

The individual receiving the Confidential Information shall have no obligation under this Policy with respect to Confidential Information which:

• is or becomes publicly available without breach of this Policy by the recipient;
• is rightfully received by the recipient without obligations of confidentiality; or
• is developed by the recipient without breach of this Policy; provided, however, such Confidential Information shall not be disclosed until thirty (30) days after written notice of intent to disclose is given to the University officer who has responsibility for the data in question, along with the asserted grounds for disclosure;
• is disclosed in accordance with any “whistle blower” action as provided in the U.S. False Claims Act, the New Jersey Conscientious Employee Protection Act (“NJCEPA”), or similar legislation.  (Brief overview of the NJCEPA is available here.

Any individual with authorized access to the Confidential Information is given access solely for the business of the University and must not divulge the Confidential Information outside of the University except for University business requirements approved by the President of the University or the division head responsible for the data in question. Specifically, with respect to Confidential Information, individuals must:

1. Access Confidential Information solely in order to perform his/her job responsibilities.
2. Not seek personal benefit or permit others to benefit personally from any Confidential Information that has come to them throughout their work assignments.
3. Not make or permit unauthorized use of any Confidential Information in the University’s information system or other records.
4. Not enter, change, delete or add data to any information system or files outside of the scope of their job responsibilities.
5. Not include or cause to be included in any record or report, a false, inaccurate or misleading entry known to the user as such.
6. Not alter or delete or cause to be altered or deleted from any records, report or information system, a true and correct entry.
7. Not release Confidential Information other than what is required in completion of job responsibilities which is consistent with this Policy.
8. Not exhibit or divulge the contents of any record, file or information system to any person unless it is necessary for the completion of their job responsibilities.

It is the individual’s responsibility to immediately report, as outlined under “Information Security Breach and Violation Reporting” at the end of this Policy, if the individual has violated this Policy. Additionally, given the potential harm that the University may suffer with the release of any Confidential Information, all employees are strongly encouraged to report any suspected violation of this policy or any other action, which violates confidentiality of data, as outlined at the end of this policy.

Security Measures and Procedures

All users of University information systems, including Datatel, MS File shares and FDU Office 365 email accounts, are supplied with an individual user account to access the data or systems necessary for the completion of their job responsibilities. Users of the University information systems are required to follow the procedures outlined below:

1. All transactions, processed by a user ID and password, or PIN, are the responsibility of the person to whom the user ID was assigned. The user’s ID, password, and PIN must remain confidential and must not be shared with anyone.
   • Using someone else’s user ID, password or PIN is a violation of policy, no matter how it was obtained.
   • Your user ID, password or PIN provides access to information that has been granted specifically to you.  To reduce the risk of shared passwords – remember not to post your password or PIN on or near your workstation or share your password or PIN with anyone.
   • It is your responsibility to change your password immediately if you believe someone else has obtained it.

NOTE: If you need your Password or PIN changed, please contact the Fairleigh Dickinson University Technical Assistance Center (UTAC) immediately.

2. Access to any student or employee information (in any format) is to be determined based on specific job requirements. The appropriate Department Chair, School Director, Department Director/Manager, Dean, Provost, and/or Vice President is responsible for ensuring that access is granted only to authorized individuals, based on their job responsibilities. Written authorization must be received by the Computer Center prior to granting system access.
   • You are prohibited from viewing or accessing additional information (in any format) unless you have been authorized to do so.  Any access obtained without written authorization is considered unauthorized access.
   • In order to prevent unauthorized use, the user shall log off of all applications that provide access to confidential information, or lock their computer when leaving their workstation. This is especially important during breaks and lunch. Unless there is a specific business need, all workstations should be shut down at the end of the workday.

NOTE:  If you require assistance in establishing your workstation password, please access the screensaver documentation or contact the Fairleigh Dickinson University Technical Assistance Center (UTAC).

3. If you have any reason to believe your password or PIN has been compromised or revealed inadvertently, you should change your password and immediately notify one of the individuals as outlined under “Information Security Breach and Violation Reporting” at the end of this policy.

NOTE: All University’s computer system will periodically prompt you to change your password.

4. Upon termination or transfer of an employee, Human Resources will notify University Systems and Security, who in turn will notify the appropriate areas in the Computer Center.

5. Generally, students, temporary employees and consultants should not have access to the University record system. Written approval by the Department Chair, School Director, Department Director/Manager, Dean, Provost, and/or Vice President in charge of the respective area is required if it is determined that access is required. The student, temporary employee or consultant is to be held to the same standards as all University employees, and must be made aware of their responsibilities to protect student and employee privacy rights and data integrity. Written authorization must be received by the Computer Center prior to granting system access.

6. You agree to properly secure and dispose of any outputs or files you create in a manner that fully protects the Confidential Information.

Additionally, I understand that if granted access to process transactions via Datatel data entry screens, any information I enter or change will be effective immediately. Accordingly, I understand that I am responsible for any changes made using my ID.

I understand that my access to University data is for the sole purpose of carrying out my job responsibilities and Confidential Information is not to be divulged outside of The University, except as previously stated. Breach of confidentiality, including aiding, abetting, or acting in conspiracy with any other person to violate any part of this policy, may result in sanctions, civil or criminal prosecution and penalties, employment and/or University disciplinary action, and could lead to dismissal, suspension or revocation of all access privileges. I understand that misuse of University data and any violation of this policy or the FERPA, HIPAA or GLB policies are grounds for disciplinary action, up to and including dismissal. This Agreement shall not abridge nor supersede any rights afforded faculty members under the Faculty Handbook.

Information Security Breach and/or Policy Violation Reporting

If you suspect an Information Security Data Breach or a violation of this policy, report such an event to your department chair or staff supervisor and send an immediate email to violation@fdu.edu. If you do not have immediate access to email, contact the Fairleigh Dickinson University Technical Assistance Center (UTAC); do not provide details but request a ticket be opened with University Systems & Security due to an information security data breach or policy violation requesting an immediate callback. When practical, also send an email to violation@fdu.edu.

Confidentiality Policy Download

Learn how to connect your Apple or Android mobile devices to the FDU-Secure wireless network. ChromeOS and or Chromebook devices will utilize the Android settings listed below to connect to the FDU-Secure wireless network.

1. From your Apple mobile device’s Home screen, locate and tap the Settings app

2. Tap Wi-Fi within the “Settings” app

3. Tap FDU-Secure

4. Enter your FDU NetID credentials when prompted and then tap Join

5. Tap Trust when prompted to accept the wireless security certificate; if you do not complete this step, you will not be able to connect to the FDU-Secure wireless network successfully

6. After joining the FDU-Secure wireless network successfully, you will see a blue checkmark next to the network name and the “connected” Wi-Fi icon in the upper top portion of your device display

1. Open your Android mobile or ChromeOS device’s Settings app

2. Tap Network & internet > Internet within the “Settings” app

3. Tap FDU-Secure from the listed nearby networks

4. Enter the configuration information as seen below

If your device does not already have system certificates installed and you selected “Do not validate” you will see a warning message about security/privacy. It is safe to connect to our network; this is just a general message from the operating system.

On Android devices with OS versions 11 and above, the “Do not validate” CA Certificate option has been removed as a menu option. “Trust on First Use” or “Use system certificates” must be used to successfully connect the mobile device to the FDU-Secure wireless network in this case. If the “Trust on First Use” CA Certificate option is selected, you will see a warning message requiring you to tap “Yes connect.”

5. Tap Connect

This article is intended for students, staff, and faculty who wish to connect their non-PC, IoT, gaming, or streaming devices to the FDU-Wireless network. Devices that require registration include gaming consoles (such as Xbox, PlayStation, Switch) and streaming devices (like Amazon Fire Stick, Apple TV, and Roku).

Registering a Non-PC Device for use on FDU-Wireless Network

Use the link and directions below to register and manage wireless network access for your non-PC devices.

1. Sign in into FDU MyDevices portal using the link below using your FDU NetID

FDU MyDevices Portal

2. Select “Add” to begin registering a device

3. Enter your device type and your device’s MAC Address into the corresponding text boxes. An optional description may be entered for your device as well. Your device’s MAC Address must be entered to register the device and continue. Refer to your devices manufacture for instructions on how to obtain the devices MAC Address. When finished, select “Submit“

Your device should now be listed on MyDevices Portal and allowed to connect to the FDU-Wireless network. It may be necessary to select the FDU-Wireless network on your device or restart your device before successfully connecting to the wireless network

How to Connect an All-in-One for Work-at-Home

Making the Physical Connections

1. Make the appropriate connections to the back of the all-in-one.
   • Plug in the power cable to the power port on the back of the all-in-one.
   • A physical network connection is only required if you do not want to or can not use wireless.
   • Both the keyboard and mouse can be plugged into any USB port.

2. Turn the PC on and sign in as normal.

Connecting to Wi-fi (Skip if Using a Physical Network Cable)

1. Click on the network icon on the bottom-right hand of the Start bar near the system clock.

2. A list of available networks will populate. Select your home wireless network.

3. Select your network and click “Connect“.

4. Enter the network key for your wireless router. This can sometimes be located on the side or bottom of your router and/or modem. Click “Next“.

Connecting to VPN from Home

1. Click on the arrow on the bottom right hand of the Start bar near the system clock and right-click on the “Cisco VPN Access” icon. On the pop-up menu, click “Connect“.

2. If this is the first time connecting to VPN service please enter the text below as shown into the VPN field and click “Connect“.

3. Enter your full NetID information and click “Ok“.

4. Once a successful connection is made a prompt will appear and the icon for the Cisco VPN Access in the system try will appear with a lock.

Fairleigh Dickinson University vigorously enforces United States copyright law. When utilizing the FDU Local Area Network or FDU provided Internet Access, you are required to adhere to all existing US copyright laws.

To view the full statement of law, please visit:

Failure to comply with this document can result in FDU disciplinary action as well as civil and criminal penalties.

Video Production

Multimedia Services operates as a cost recovery center. We are not a profit center, so our pricing is significantly less than any outsourced production, while offering exceedingly high production values.
Pricing for a single or two camera production are $350.00 per day, per camera.

Post Production

Post Production costs are charged at the rate of $45.00 per hour. Depending upon complexity, running time and the number of preview adjustments, the average time to edit a project is between 4 and 6 hours.

ADA

All videos that will be distributed on line must be ADA compliant. This includes closed captions and transcription. The charges for this service are $1.00 per minute of video for captions and transcriptions respectively.

Backup Alert Email Notifications

CrashPlan Backup will send users an email alert notifying them of any incomplete backups of their devices.

• The CrashPlan Backup email alert will be sent from “CrashPlan <noreply@crashplan.com>”
• The Subject line of the email will be labeled with: “[External]Critical: [Name of Device] not backed up“

Backup Alert

You will receive an alert when your computer hasn’t backed up to Code42 for 5 calendar days. The email will look like the example below:

After receiving a CrashPlan Backup alert email, you should locate the device the email specifies in need of backup. The CrashPlan Backup device name will be listed in the Subject: line and Computer Name: line of the Code42 backup alert email.

To locate the name of a CrashPlan Backup device:

1. Click the CrashPlan Backup icon in the Windows System Tray, also referred to as the notification area.

CrashPlan Backup icon

1. Click “Run Backup now“

Ensure the CrashPlan backup application displays the same name as the CrashPlan Backup alert email you received.

After locating the correct specified device stated in the Code42 backup alert email, force a backup of the device by performing the following:

1. Click the “CrashPlan Backup” System Tray or macOS menu bar Icon

CrashPlan Backup icon

2. Click “Run Backup now“

Whether you’re working at home or the office, OneDrive makes it easy to create new documents and share your files. You can even collaborate with others on a document.

In the following external article, you’ll learn how to create documents and folders. It will go over how to share your files with different groups of people, as well as the various collaboration tools available in Office 365.