ÐÇ¿ÕÎÞÏÞ´«Ã½

1. Verification of Student Identity

Before initiating a password reset, confirm the student’s identity using at least two of the following methods:

• Full legal name
• Student ID number
• Date of birth
• Last four digits of Social Security Number
• Official college email address
• Photo ID (if in-person)

• Security Note: Never reset a password without verifying identity. If the student cannot be verified, passwords cannot be rest.

2. Determine the Reset Method

1. Self-Service Reset (Preferred)

• Passwords can be reset by the user if they click on ‘forgot password?’ However, most users are unaware of this procedural change. With adoption of MS365 and the migration onto the new ERP system, more education and ease-of-use will be sent out to all college users.

• Use the administrative reset function in the college’s account management system (Active Directory, Azure AD, etc.).
• Create a temporary password following ÐÇ¿ÕÎÞÏÞ´«Ã½ College’s password policy:
  • Minimum 8 characters
  • At least 1 uppercase letter
  • At least 1 lowercase letter
  • At least 1 number
  • At least 1 special character

3. Reset Process – IT Assisted

1. Access the admin panel (Active Directory or Office 365 Admin Center).
2. Search for the student account using name or student ID.
3. Initiate password reset and set a temporary password.
   1. After initial password, the system forces the user to reset their temporary password to a new one that meets certain criteria

4. Communicating the Reset

• Provide the student with the temporary password:
  • In person: User resets password on device – no paper
  • By phone: Only after verification.
  • By secure email: To their alternate email on file.
• Instruct them to:

1. Log in immediately.
2. Create a new password following ÐÇ¿ÕÎÞÏÞ´«Ã½ College’s password guidelines.
3. Avoid reusing old passwords.

5. Security Reminders

• Never send passwords over unsecured channels (e.g., personal text messages, non-encrypted email).
• Report any suspicious account activity to the IT Security Officer.

Computer and Internet resources are provided by ÐÇ¿ÕÎÞÏÞ´«Ã½ College for its students, faculty and staff. This service provides the tools necessary to enhance learning, efficiency, and productivity. The use of these resources requires that a set of standards must be established for its management.

1. Purpose

The purpose of this policy is to establish clear guidelines for the collection, use, storage, and protection of student data at ÐÇ¿ÕÎÞÏÞ´«Ã½ College. This policy ensures compliance with the Family Educational Rights and Privacy Act (FERPA), Texas Public Information Act, and other applicable regulations, while maintaining the privacy and trust of our students.

2. Scope

This policy applies to:

• All students enrolled at ÐÇ¿ÕÎÞÏÞ´«Ã½ College.
• All faculty, staff, administrators, contractors, and third-party vendors who collect, process, or access student data.
• All college-operated systems, applications, and platforms where student data is stored or transmitted.

3. Definitions

• Student Data: Any information related to an identified or identifiable student that is maintained by ÐÇ¿ÕÎÞÏÞ´«Ã½ College or an authorized party. This includes personally identifiable information (PII), academic records, financial aid data, disciplinary records, and other sensitive information.
• Personally Identifiable Information (PII): Information that can identify an individual such as name, Social Security number, date of birth, address, email, or student ID number.

• FERPA: A federal law that protects the privacy of student education records and grants students’ certain rights regarding their information.

4. Data Collection

• ÐÇ¿ÕÎÞÏÞ´«Ã½ College collects student data solely for legitimate educational, administrative, and operational purposes.
• Data collection methods will comply with FERPA, Texas state law, and other applicable regulations.
• Students will be informed of the purpose for data collection and how their information will be used at the time of collection.

5. Data Usage

• Student data will only be used to support educational programs, financial aid processing, academic advising, campus safety, and other college operations.
• ÐÇ¿ÕÎÞÏÞ´«Ã½ College does not sell or rent student information.
• Data will not be used for marketing without explicit written consent.

6. Data Access and Sharing

• Access to student data is restricted to authorized ÐÇ¿ÕÎÞÏÞ´«Ã½ College employees with a legitimate educational interest.
• Third-party vendors or partners must sign data protection agreements ensuring compliance with FERPA, Texas privacy laws, and ÐÇ¿ÕÎÞÏÞ´«Ã½ College security standards.
• Students have the right to: Review their educational records.
• Request corrections of inaccurate information.
• Limit disclosure of their records to third parties, except as permitted under FERPA.

7. Data Security

• All student data must be stored in secure systems with strong encryption, multi-factor authentication, and access controls.
• Data transmitted electronically must be encrypted using industry standards.
• The college will perform regular audits, vulnerability scans, and compliance checks to safeguard student information.
• Portable storage devices (e.g., USB drives) containing student data must be encrypted and approved by the IT department.

8. Data Retention and Disposal

• ÐÇ¿ÕÎÞÏÞ´«Ã½ College will retain student records according to Texas Higher Education Coordinating Board (THECB) and institutional retention schedules.
• Records no longer required will be securely disposed of through shredding, degaussing, or permanent deletion.

9. Student Rights Under FERPA

Students at ÐÇ¿ÕÎÞÏÞ´«Ã½ College have the right to:

• Inspect and review their education records within 45 days of a request.
• Request correction of inaccurate or misleading information.
• Consent to disclosures of personally identifiable information, except where FERPA allows disclosure without consent.
• File a complaint with the U.S. Department of Education if their rights under FERPA are violated.

10. Breach Notification

In the event of a data breach involving student information:

• ÐÇ¿ÕÎÞÏÞ´«Ã½ College will notify affected individuals as required by Texas Identity Theft Enforcement and Protection Act (Texas Business and Commerce Code §521).
• Notifications will include the nature of the breach, data affected, and recommended steps to protect personal information.

11. Data Analytics and Research

• Student data may be used in aggregate or de-identified form for institutional research, assessment, and reporting purposes.

12. Policy Enforcement

Violations of this policy may result in:

• Disciplinary action up to and including termination for employee.
• Termination of contracts for vendors.
• Referral for legal action where appropriate.

13. Contact Information

For questions or concerns regarding this policy, contact:

ÐÇ¿ÕÎÞÏÞ´«Ã½ College Office of the Registrar

Email: registrar@cisco.edu
Phone: (254) 442-5000

The internet allows access to a wealth of material that is personally, culturally, and professionally enriching to individuals of all ages. It also enables access to materials that may be offensive or disturbing to others as well as illegal under U.S. laws. ÐÇ¿ÕÎÞÏÞ´«Ã½ College does not have the resources to police the global network and takes no responsibility for its content. Rather, all users must take responsibility for their own activities on the internet. The use of the internet is to be consistent with the mission of ÐÇ¿ÕÎÞÏÞ´«Ã½ College, the policies of the College, and State and Federal law. Access to the Internet over college computers is a privilege granted to users and the college reserves the right to suspend this privilege if a user violates any acceptable use clause.

All user accounts associated with the College network infrastructure are the property of ÐÇ¿ÕÎÞÏÞ´«Ã½ College. Any information associated with these accounts are not to be considered private. ÐÇ¿ÕÎÞÏÞ´«Ã½ College reserves the right to monitor and record all network activity including e-mail, with or without notice and; therefore, users should have no expectation of privacy in the use of those resources. Accounts on College owned-computers are limited to employees and current students. Access to College computers is restricted to ÐÇ¿ÕÎÞÏÞ´«Ã½ College faculty, currently enrolled students, and ÐÇ¿ÕÎÞÏÞ´«Ã½ College staff. Community members and others who do not meet the aforementioned requirements are allowed "guest" access to the ÐÇ¿ÕÎÞÏÞ´«Ã½ College Library. All authorized users are solely responsible for managing their files and their e-mail. Accounts may be deleted when employment is terminated, when student status has ended or at the discretion of the Administration of the College and/or the discretion of the network administrator. The college is under no obligation to recover or protect user files from deleted accounts.

Violations of the rights of any person or company protected by copyright, trade secret, patent or other intellectual property, or similar laws or regulations, including, but not limited to the installation or distribution of "pirated" or other software products that are not appropriately licensed for use by ÐÇ¿ÕÎÞÏÞ´«Ã½ College, is strictly prohibited. Unauthorized copying of copyrighted material including, but not limited to, digitization and distribution of photographs from magazines, books or other copyrighted sources. Copyrighted music, copyrighted movies, and the installation of any copyrighted software for which ÐÇ¿ÕÎÞÏÞ´«Ã½ College or the end user does not have an active license is strictly prohibited. Violations of "Use of Copyrighted Material" clause can result in the loss of computer access, suspension, or dismissal.

Email provided by the college is to be used for college/educational purposes only. Any use of "all campus" email lists is restricted to business purposes only.

All persons who publish web pages are responsible for the content of those pages and are required to comply with all ÐÇ¿ÕÎÞÏÞ´«Ã½ College policies and procedures as well as state and federal laws.

The following actions will result in disciplinary action including, but not limited to, the loss of computer privileges, suspension, or dismissal:

1. Damage or destruction of equipment, software, or data belonging to the College or to other users, including the unauthorized adding, altering, or deleting files on College workstations and/or servers.

2. Altering of system settings or Internet browser settings on college owned computers without express permission of an instructor or a member of the IT staff.

3. Reproduction of materials protected by copyright.

4. Violating software license agreements.

5. Violating or attempting to violate computer system or network integrity, including attempts to bypass network security functions, or to obtain restricted passwords for system administration.

6. Using ÐÇ¿ÕÎÞÏÞ´«Ã½ College technology to harass others.

7. Utilizing the Internet or and/or College equipment for unauthorized material/commercial gain or profit.

8. Using the Internet or any College technological resource for any activity prohibited by Federal, State or International Law.

9 Attempting to utilize computing resources for which you do not have access.

10. Sharing your personal password with others.

11. Using another user's password.

12 Impersonating another user via any form of electronic messaging.

13. The production of and/or intentional dissemination of self-replicating or similar nuisance programs (e.g. virus, Trojan Horse), whether or not they are destructive in nature.

The responsibility for maintaining the campus computing environment rests with the IT Services. In order to ensure the smooth functioning of computer equipment, all students, faculty, and staff must observe the following:

1. Only authorized software may be installed on any College computer. IT is responsible for determining what software may or may not be installed, based on technical specifications and licensing.

2. Only authorized IT personnel may repair College computer equipment.

3. The IT department will not work on any student/faculty personal equipment.

4. All maintenance requests must be submitted to the Help Desk.

Any student, faculty or staff member in violation of these guidelines may appeal their case to the relevant College Administrator. Students who have lost the privilege to use computer resources may appeal to the Student Appeals Committee to have their access re-instated. Faculty and staff may appeal to their Director or Department Chair.

The purpose of this document is not to restrict access to information or to restrict personal expression. The guidelines stated herein are to insure the health of the network for educational purposes and to conduct the business of the college. You may disagree with any or all information resource guidelines, either ÐÇ¿ÕÎÞÏÞ´«Ã½ly or privately, in accordance with your First Amendment Rights. However, you may not violate any published guidelines for any reason or cause. Questions regarding these guidelines should be submitted to the Director of IT.

ÐÇ¿ÕÎÞÏÞ´«Ã½ College accepts NO RESPONSIBILITY for any damages to or loss of data due directly or indirectly to the use of ÐÇ¿ÕÎÞÏÞ´«Ã½ College computing resources or any consequential loss or damage. It makes representation of NO WARRANTY, expressed or implied, regarding the computing resources offered, or their fitness for any particular use or purpose. The College's liability in the event of any loss or damage shall be LIMITED TO THE FEES AND CHARGES, IF ANY, PAID TO THE COLLEGE for use of the computing resources, which resulted in a said loss or damage.