Technology Help Desk
Preus Library
Main Level
700 College Dr
Decorah, IA 52101
Fall Hours
M-Th: 7:30 am – 9:00 pm
F: 7:30 am – 5:30 pm
Sa: 2:00 pm – 5:00 pm
Su: Noon – 9:00 pm
Thanksgiving Break Hours
(Nov. 27–Dec. 1)
Wednesday: 8:00 am – 3:00 pm
Thursday: Closed
Friday: Closed
Saturday: Closed
Sunday: 6:00 pm – 9:00 pm
Phone: 563-387-1000
Network Use
Department: Information Technology Services
Subject: Network Use Policy
Date Issued: September 13, 2018
Updated and Reviewed By: Information Security Council – April 25, 2024
Approved By: President’s Cabinet — September 30, 2024
I.   Policy/Procedure
This document outlines the policy for network use of information technology solutions.
II.  Purpose
The purpose of this policy is to inform and educate the Luther College community of the rights and responsibilities associated with use of the College’s data networks. This policy governs the use of Luther’s data and data networks, and applies to students, faculty, staff and anyone else who is authorized to use these resources. The College reserves the right to modify this Policy at any time, with or without notice.
III. Scope
This policy applies to all students, faculty, staff and anyone else who is authorized to use the Luther College network.
IV. Procedures and Guidelines
- Luther College, as part of a continuing commitment to faculty, students, alumni, and staff, provides certain information technology resources, including telecommunications and computing equipment, and access services. These resources include centralized servers for email, Internet access, administrative applications, academic applications, and data; a fiber based campus network backbone as well as associated network hardware and software which distribute network resources to academic, administrative, and residential buildings; desktop resources such as computers, printers, and software; as well as access to campus and global information resources. These resources are to be used for education, research, and administrative purposes related to the mission of the College, and consistent with appropriate College policies and codes of conduct. It is expected that users of campus information technology resources will respect the priority of these purposes.
- As a Luther student, faculty, or staff member, you are encouraged to use these resources. By using these resources, you agree to abide by all policies and procedures of the College. Luther College expects ethical and responsible behavior. You are expected to conduct yourself as appropriate for any good citizen, and you will not participate in any illegal activity, any for-profit commercial activity, or other conduct, communication, or activity that will negatively impact Luther College or other users of the College’s information technology resources.
- Use of these resources is governed by and is subject to all applicable College policies. For student governance, see the Student Handbook for details of the Luther Code.
- For details on faculty or staff governance, see the respective handbook or other authorities that describe the Luther Code as it applies to faculty and staff.
- Failure to comply with these, or any other applicable policies, will result in sanctions as outlined in those policies and denial of access to the College’s information technology resources.
- By using the information technology resources provided by the College, you are indicating your acceptance of this policy and your promise to abide by it.
- The equipment, data network, and other technology resources provided by the College are the property of the College, and shall be used only for purposes consistent with the Acceptable Use policy. The College may monitor the use of its resources, including the Internet. Users shall have no expectation of privacy in the College technology resources or any materials within, including email and stored files.
- Luther considers it the responsibility of each member of the College community to ensure that their academic or administrative work is in compliance with appropriate copyright law. This covers transmission, reproduction, storage, manipulation, and use of intellectual property.
- If using copyrighted works in academic or administrative endeavors, it should only be in “fair use” under copyright law. Information and guidance on “fair use” is available on the College’s website. Faculty are responsible for ensuring that all course materials used in their courses are being used appropriately with the proper permissions secured. Students are expected to complete assignments and work under “fair use” provisions or to arrange licensing in other cases.
- For Luther’s full copyright and intellectual property policies, please see: www.luther.edu/library/copyright
- All content posted with the use of Luther College data networks, systems, or equipment (including posts accessed through a private user account over the College wireless network), and the use of social media to represent the College and members of the College community, are subject to all College policies and may not remain private or be limited to the user’s intended audience. Luther College reserves the right to monitor all content transmitted or stored on its data networks, systems, or equipment. Luther College reserves the right to take appropriate action against students who improperly use Luther College’s network, systems, and equipment, including harassment, eavesdropping, or other inappropriate behavior. For additional information refer to the Student Handbook. For bias incidents refer to the Bias Incident, Hate Act, Hate Crime, Discrimination, and Harassment Policy and Procedures within the Student Handbook.
- In general, the following activities are considered disruptive to learning and/or a professional workplace environment and an inappropriate use of the College’s data network, systems, and equipment. Members of the College community engaged in inappropriate activities, including but not necessarily limited to the following, may be subject to discipline:
- Any use of technology that creates, distributes, accesses, or transmits harassment, intimidation, threats, or otherwise takes advantage of peers or colleagues;
- Any use of technology that violates the College’s Bias Incident, Hate Act, Hate Crime, Discrimination, and Harassment Policy, or any other conduct policies applicable to students, faculty, or staff; or
- Any use of technology that creates, distributes, accesses, or transmits abusive, discriminatory, slanderous, libelous, or sexually explicit material.Â
- All College community members are reminded that use of social media involves disclosure of personal information to others which can result in increased risk to you. Social media is increasingly being exploited for fraudulent and illegal activity including theft, blackmail, extortion, and slander. Luther strongly advises those who choose to participate on social media to exercise caution and to remain vigilant against individuals who seek to cause harm. Individuals who witness or learn about an incident of inappropriate use of social media within the College community are encouraged to immediately report such inappropriate use to College officials. The College will investigate reported incidents and will pursue sanctions against those in our College community who use these services for any illegal or inappropriate purpose.
- Peer-to-peer file sharing is a popular, efficient and legal way to share files for which you have legal license to distribute or receive via computer networks. There are many software clients that enable file sharing operating on networks, for example BitTorrent. Luther blocks access to peer-to-peer file sharing protocols in compliance with the Higher Education Opportunity Act of 2008.
- Receiving or transmitting files for which you do not have legal license to distribute is not permitted under Luther’s network use policies and is in many cases an illegal act punishable under criminal and/or civil law. Luther will contact any user found to be violating this policy with information regarding the claimed infringement. Failure to respond to and address the claimed infringement notice and associated activity may result in loss of network privileges and referral to the campus judicial system.
- We have received infringement notifications that have resulted in the suspension of network privileges for Luther students. Those engaging in file sharing activity on Luther’s network should be aware of and consider:
- All users of Luther’s network resources are legally responsible for their own actions. Luther as an institution cannot and will not provide legal protection for online activities, and we will cooperate with any lawful legal action directed at users of our network.
- Luther does not currently have any active processes to monitor the legality of traffic on our network. We believe users should be responsible for their actions and that it is not Luther’s responsibility to police compliance.
- Access to internet resources that are deemed to pose a threat is blocked to protect the security of the network.Â
- People (and computers) are watching what users do online. Users sharing files for which they do not own legal license to distribute run a good risk of being identified by copyright holders. When we are notified of fraudulent acts committed on our network, we track who was responsible for the activity and hold them accountable for that activity.
- Installing and operating a personally-owned wireless access point attached to Luther’s network is not permitted. Any community member that installs wireless access points on the Luther network may have their access to network resources disabled and will be held responsible for all activity that occurs on that access point. This includes anonymous use by others of said access point. In cases where file sharing or other illegal activity occurs over open access points, we have and will continue to pursue punitive measures against the owner and operator of the wireless access point.
- Luther encourages users who choose to acquire digital media to use legal and licensed services such as Amazon Video, Apple TV+, Hulu, or Netflix.
- The following individuals are issued credentials (Norse Keys) to access Luther College data, systems, and services at Luther while they are active members of the Luther community:
- Students (regardless of enrolled credit hours)
- Faculty (regardless of course load or contract status, provided they receive compensation from Luther)
- Staff (regardless of appointment status, provided they receive compensation from Luther)
- The following individuals are not automatically authorized to receive credentials (Norse Keys) to access network-based services at Luther. Requests for credentials to be issued to any individual within one of the groups below should be made in writing to the Executive Director of Information Technology Services:
- Contract Staff
- Emeritus Faculty
- Independent Contractors
- Volunteers
- The following individuals were issued email-only accounts:
- Alumni who graduated before 2019 and opted in during the defined window
ITS requests that supervisors hiring new employees also complete the New Employee Setup Form available at: www.luther.edu/offices/its/policies/newemployee.
- Graduating Students
- ITS will email graduating Seniors by May 1st of their graduation year regarding the transition of their accounts. Any student with a valid reason to keep their account active as a student will be directed to a web form. All other accounts will be transitioned to alumni accounts.
- All graduating students will have their accounts transitioned from student accounts to alumni accounts on/after July 1st of their graduating year.
- Norse Apps will no longer be available based upon the timeline shown at Transitioning Digital Services for Graduating Seniors. Prior to that date, students should transition any needed emails, contacts, or files to another account.
- Non-Graduating, Non-Enrolled Students
- ITS periodically removes access to most Luther digital services for students who haven’t been enrolled for a year and haven’t graduated—typically this is because the student took an extended leave of absence, withdrew, transferred, was dismissed, or was otherwise not on-track to graduate.
- Former students retain access to transcript requests, Handshake, the Alumni Magazine, and if they are considered Alumni, they also retain access to the Alumni Directory.
- ITS notifies non-graduated, non-enrolled students six months before removing account access. Details can be found at our Transitioning Digital Services for Graduating Seniors page.
- Faculty
- Faculty accounts will expire on their employment end date. Accounts will be disabled on their employment end date, and then deleted seven years after their employment end date.
- ITS will work with HR to acquire advance notice of these expirations. Notice will be made to ITS and distributed via KBOX to the appropriate personnel. The ticket will include all date information, including any approved extensions.
- ITS will email the Faculty regarding the transition of their accounts. Faculty with a valid reason to retain an active faculty account will be directed to a web form where they can request a one month extension for their account to remain active. Any extensions longer than one month will require approval of the Provost and the Executive Director of ITS.
- Data stored on Luther servers (including “H drive” or “Home drive”) will be retained for a period of two months after the account expiration, and then deleted. No requests for restores will be granted.
- Voice services (i.e. phone extension and voicemail) will be disabled/deleted on the employment end date.
- Faculty must return all technology equipment to ITS by their employment end date.
- Staff and Contract Staff
- Staff/Contract Staff accounts will expire on their employment end date.
- ITS will work with HR to acquire advance notice of these expiries. Notice will be made to ITS and distributed via KBOX to the appropriate personnel. The ticket will include all date information, including any approved extensions.
- ITS will email Staff and their immediate supervisors regarding the transition of their accounts. Staff with a valid reason to retain an active staff account will be directed to a web form where they can request a one month extension for their account to remain active. Any extensions longer than one month will require approval of their Cabinet representative and the Executive Director of ITS.
- Staff accounts will be initially disabled on their employment end date, and then deleted two months after their employment end date.
- Data stored on Luther servers (including “H drive” or “Home drive”) will be retained for a period of two months after the account expiration, and then deleted. No requests for restores will be granted.
- Voice services (i.e., phone extension and voicemail) will be disabled/deleted on the employment end date.
- Staff must return all technology equipment to ITS by their employment end date.
- Death
- Upon the death of a student, ITS will work with the Dean of Student Engagement to determine how to transition digital content in the account of the deceased.
- Upon the death of a faculty member/staff/contract staff person, ITS will coordinate with the appropriate member of cabinet to take control of and distribute any digital content in the account of the deceased.
- Email Notices from ITS Regarding Removal of Network Access Includes:
- Summary of ITS Exit Policy with link to full text
- Reminder of Luther policies on intellectual property and ownership of data
- Instructions for transitioning Norse Mail, Norse Docs, Norse Calendar, Norse Groups, Norse Sites, KATIE content, and files stored on network shares.
- Link to web form requesting special consideration
- Overview of timeline and deadlines
- Note to work with supervisor/colleagues to retain/transition critical data
- Notice to return any ITS/Library materials currently checked out to them (including interlibrary loan materials) and a link to review their circulation records.
- In order to maintain appropriate network security, all users of Luther College networks and systems are required to use Multi-Factor Authentication (MFA) with their Norse Key password. A Norse Key is the username and password used to access most digital resources at Luther College.
- Norse Key passwords must be changed at least every 180 days. ITS is responsible for ensuring that Norse Key passwords expire every 180 days.
- Norse Key passwords must be at least 12 characters long and meet additional minimum requirements.
- Users will receive five notification/reminder messages prior to the expiration of their password. The first will be sent two weeks prior to expiration, the second one week prior to expiration, the third 3 days prior to expiration, the fourth 2 days prior to expiration, and the fifth 1 day prior to expiration. Users will be prompted to visit norsekey.luther.edu to change their Norse Key password.
- College community members should not share or reveal their Norse Key credentials with anyone. In particular, ITS will never ask for a Norse Key password via email. Email requests for login information are invariably attempts to compromise account information.
STATEMENT OF RESPONSIBILITY FOR THE SECURITY AND CONFIDENTIALITY OF DATA AND DATA NETWORKS
General Responsibilities
Security and confidentiality of all data is a matter of concern for all members of the Luther community who have access to records and files, paper and computerized, and the data infrastructure and networks owned by Luther College.
Each individual working with institutional data holds a position of trust and must recognize the responsibility of preserving the confidentiality, integrity, and availability of Luther College data, systems, and services. All members of the Luther community with access to institutional information or data, systems and services are expected at all times:
- to keep personal passwords private; passwords are not to be written down or shared with others;
- to use Multi-Factor Authentication (MFA);
- to sign off or lock your workstation when leaving the immediate work area;
- to assume responsibility and be held accountable for all data modifications made using their user ID and password;
- to not make or permit unauthorized use of any information in the files or databases;
- to not permit or provide access to Luther College data infrastructure or networks by any unauthorized individuals;
- to not seek personal benefit or permit others to benefit personally by any confidential information which has come to them through their work assignment;
- to not exhibit or divulge the contents of any record or report to any person except in the conduct of their regular work assignment;
- to not use any official record or report (or copy of same) for purposes other than college business;
- to not operate or request another to operate any Luther College computer equipment for purely personal business;
- to not send sensitive or confidential data, regardless of intent, outside the institution without proper authorization;
- to not to aid, abet, or act in conspiracy with any person to violate any part of this Statement of Responsibility;
- to report any violation of this Statement of Responsibility code to oneĘĽs supervisor immediately.
- To comply with the Mobile Device Policy when using personal devices to access College data, systems, and services.
- To comply with the terms of the Network Use Policy.
Violation of the provisions contained in this Statement of Responsibility will lead to corrective action consistent with the general disciplinary policies of the College.
Responsibilities Regarding Student Information
FERPA and Student Information
Each person is responsible for knowing the special considerations relative to student information and the Family Educational Rights and Privacy Act (FERPA). It is important that each individual with access to student data understands the reasons for the existence of the Family Education Rights and Privacy Act (FERPA), the consequences of non-compliance, and the procedure involved in order to respond to inquiries about studentsĘĽ records.
FERPA is a federal law that guarantees students:
- the basic right to have access to all their education records;
- the assurance that their records are protected from access;
- the right to challenge their records believed to be inaccurate, misleading, or otherwise in violation of the studentsĘĽ privacy.
Any institution that has programs that are federally funded (such as Pell Grant and Guaranteed Student Loan) must comply with this law or be subject to loss of those funds. In addition, individuals with access to student data who do not comply with this law are subject to college personnel and disciplinary policies and/or accountability in a court of law.
The following guidelines will provide some assistance in complying with FERPA.
Students must be allowed access to:
- all types of education records directly related to that student (copies of records may be provided with or without charge).
Procedures for student access are:
- electronic authorization or presentation by the student of an ID (telephone requests should not be honored) or receipt of a signed and dated request from the student.
Students must not be allowed access to:
- education records that contain information on more than one student (the student may review only the specific information about themself);
- financial records of the studentĘĽs parents;
- confidential letters of recommendation, for which the student has signed a waiver.
Circumstances that allow third-party access to confidential educational records (all third-party requests should be referred to the RegistrarĘĽs Office):
- to college employees who are in the process of carrying out their specifically assigned educational or administrative responsibilities; whether the need to know is a legitimate educational interest must be determined by the employeeĘĽs office/department administrator or manager;
- to parents of a dependent student, as defined by the Internal Revenue Code;
- to representatives of the Department of Defense, limited to directory-type information;
- in connection with financial aid;
- to federal or state educational authorities;
- to accrediting organizations;
- in compliance with a lawfully issued subpoena;
- in connection with a health or safety emergency.
Note: Education records disclosed in the above circumstances must include the condition that further disclosure to a third party not be made without the prior consent of the student.
Access to student directory information
Luther College employees may release directory information without written permission of the student; however, students have the right to restrict access to directory information. For students who have made such a request with the Office of Student Engagement, the specific restrictions that are requested may be identified on that studentĘĽs record in Colleague. If an employee encounters one of these records, he or she will receive a message on the screen notifying which data has been restricted. If a student has requested that access to directory information be restricted, he or she should refer all requests for information about that student to the Office of Student Engagement.
Directory information is defined as:
- name
- local and permanent mailing address
- campus residence hall
- personal telephone number(s)
- campus telephone number
- email address
- dates of attendance
- year of school
- enrolled courses
- major(s) and minor(s)
- awards, honors
- degree(s) conferred
- past and present participation in officially recognized sports and activities
- physical characteristics (height/weight) of athletes
- date and place of birth
- employment dates
- employment title(s)
- photographs and other visual images*
* Luther College records visual images during many campus events and daily activities, such as convocations, concerts, classes, athletic events, and other public events on and off campus. These images are regularly used and published as part of Luther’s coverage of campus life for a variety of audiences, including but not limited to – the Luther Magazine, the Luther official website, and admissions materials.
Responsibilities Regarding Other Constituencies Information
- Alumni Records
Alumni records are for official college and Luther College Alumni Association use, and also for individual communication of a personal nature between alumni. Use of this information for any other purpose, including, but not limited to, reproducing and storing in a retrieval system by any means, electronic or mechanical, and photocopying or using the addresses or other information for any private, commercial, or political mailing is strictly prohibited and constitutes misappropriation of college property.
Employee Records
Employee information is for official college use only. Communication of employee information to another member of the Luther community will be limited to name, title, campus location, campus telephone, campus email address, home address, home telephone, spouse name, and childrenĘĽs names. The use of this information and any other employee information/records for any other purpose, including, but not limited to, reproducing and storing in a retrieval system by any means, electronic or mechanical, and photocopying or using the addresses or other information for any private, commercial, or political mailing is strictly prohibited and constitutes misappropriation of college property. All other requests for employee information from Luther employees not included in the items above should be referred to the Office of Human Resources. - All third-party requests should be referred to the Office of Human Resources. Information will only be given upon receiving written authorization, which includes an employee signature authorizing release of such information.
- Employee information released without written authorization from the employee will be limited to requests from state or federal authorities in compliance with a lawfully issued subpoena or in connection with a health or safety emergency.
Responsibilities Regarding Data Published to Luther College’s Website
Members of the Luther College community may be granted privileges to publish content (including but not limited to text, audio, video, or other multimedia materials) to the Luther College web (websites hosted at the luther.edu domain) for internal or external use. Individuals with such privileges agree to the following:
- All content posted to the Luther College website will be in compliance with all copyright and intellectual property laws and guidelines. For more information on Luther’s copyright policies, see edu/library/copyright.
- Ownership of all content published to the Luther College web is the property of Luther College unless otherwise noted and with exceptions as noted in the Luther College Copyright Policy.
- Luther College reserves the right to unpublish or deny publication of any content deemed illegal, inappropriate, inconsistent with the mission of Luther College, or that risks legal action against Luther College or members of the Luther College community.
Responsibilities Regarding Access to Data Infrastructure and Networks
Luther College, as part of a continuing commitment to faculty, students, alumni, and staff, provides certain information technology resources, including telecommunications and computing equipment, and access services. These resources include centralized servers for email, Internet access, administrative applications, academic applications, and data; a fiber based campus network backbone as well as associated network hardware and software which distribute network resources to academic, administrative, and residential buildings; desktop resources such as computers, printers, and software; as well as access to campus and global information resources. These resources are to be used for education, research, and administrative purposes related to the mission of the College, and consistent with appropriate College policies and codes of conduct. It is expected that users of campus information technology resources will respect the priority of these purposes.
As a Luther student, faculty, or staff member, you are encouraged to use these resources. By using these resources, you agree to abide by all policies and procedures of the College. Luther College expects ethical and responsible behavior. You are expected to conduct yourself as appropriate for any good citizen, and you will not participate in any illegal activity, any for-profit commercial activity, or other conduct, communication, or activity that will negatively impact Luther College or other users of the College’s information technology resources.
Use of these resources is governed by and is subject to all applicable College policies. For student governance, see the Student Handbook for details of the Luther Code.
For details on faculty or staff governance, see the respective handbook or other authorities that describe the Luther Code as it applies to faculty and staff.
Failure to comply with these, or any other applicable policies, will result in sanctions as outlined in those policies and denial of access to the College’s information technology resources.
By using the information technology resources provided by the College, you are indicating your acceptance of this policy and your promise to abide by it.
The equipment, data network, and other technology resources provided by the College are the property of the College, and shall be used only for purposes consistent with the Acceptable Use policy. The College may monitor the use of its resources, including the Internet. Users shall have no expectation of privacy in the College technology resources or any materials within, including email and stored files.
Technology Help Desk
Preus Library
Main Level
700 College Dr
Decorah, IA 52101
Fall Hours
M-Th: 7:30 am – 9:00 pm
F: 7:30 am – 5:30 pm
Sa: 2:00 pm – 5:00 pm
Su: Noon – 9:00 pm
Thanksgiving Break Hours
(Nov. 27–Dec. 1)
Wednesday: 8:00 am – 3:00 pm
Thursday: Closed
Friday: Closed
Saturday: Closed
Sunday: 6:00 pm – 9:00 pm
Phone: 563-387-1000