A Guide to the Texas A&M University Network

The university network is a strategic asset of the State of Texas and is governed by a hierarchy of federal and state laws, Texas A&M University System (TAMUS) policies, and university-specific rules. By connecting to the network, all users—including faculty, staff, students, contractors, and guests—agree to the following core responsibilities:

• Protect Your Credentials: You are personally responsible for all activities conducted with your NetID. Never share your password or other authentication credentials with anyone (IA-5).
• University SAP 29.01.03.M0.02, Acceptable Use, describes individual responsibilities and expected behavior regarding information resource usage.
• Acknowledge System Use Notification: The login banner displayed on university systems is a formal notice that usage may be monitored and there is no expectation of privacy. Proceeding with login signifies your consent to these terms (AC-8).
• Report Security Incidents: You have a duty to promptly report any suspected security incidents or policy violations to security@tamu.edu or Help Desk Central (IR-6).

University information resources are provided to support the institutional mission of teaching, research, and administration.

• Incidental Personal Use: Brief and occasional personal use is a privilege, not a right. It must not interfere with your duties, result in any cost to the university, or be used for personal monetary gain or prohibited political activities.
• Prohibited Activities: Any activity that is illegal, disrupts the network, or compromises security is strictly forbidden. This includes, but is not limited to:
  • Illegal Acts: Committing copyright infringement, fraud, or other acts that violate the law.
  • Security Violations: Attempting to bypass security controls, accessing systems without authorization (AC-3), or using hacking tools.
  • Unauthorized Hardware: Installing personal wireless access points, routers, or switches on the university network are not allowed. These devices create security risks and interfere with network performance, and their detection may lead to immediate deactivation of the network port (AC-18). An exception may be made for switches for personal use on ResNet in the student dormitories.
  • Disruptive Behavior: Harassing others or intentionally degrading network performance.

Connecting to the Network

The university provides segmented network access to protect its resources:

• TAMU_WiFi: The primary, secure wireless network for faculty, staff, and students.
• Eduroam: A secondary network that utilizes the InCommon federation for authentication.
• TAMU_Visitor: A segregated wireless network for guests that operates outside the main university firewall and does not provide access to internal resources. Visitors should use this network.
• VPN and Remote Desktop: A Virtual Private Network (VPN) is required to access certain restricted internal resources from off-campus. Remote Desktop is the recommended method for securely accessing an on-campus work computer (AC-17).
• Sponsored Access: Contractors and vendors requiring internal access must obtain a sponsored NetID, which is requested and managed by a university employee and expires annually (IA-8).

Device and Data Rules

• Bring Your Own Device (BYOD): All devices connected to the network, including personal ones, are subject to university policies (AC-19). Be aware that personal devices used for university business may be subject to public information requests.
• Prohibited Technologies: State law forbids conducting university business (including checking email) on any personal device that has prohibited applications, such as TikTok, installed. These applications must be removed before using the device for work. See our Prohibited Software page.
• Data Classification and Handling: University data is classified as Public, University-Internal, Confidential, or Critical (DC-1). You are responsible for protecting any data you handle according to its classification. Access to confidential data is restricted based on the principle of "least privilege" (AC-6) and requires explicit authorization (SA-4).
• Data Retention: All data related to university business is considered a state record and must be retained according to the official university records retention schedule (SI-12).

• No Expectation of Privacy: Users have no inherent right to or expectation of privacy when using university information resources. All data on university systems is the property of Texas A&M University (AC-8).
• Network Monitoring: The university routinely monitors network traffic and system activity to detect security threats (SI-4), manage performance, and ensure compliance with laws and policies (AU-6). Data may be disclosed when required by law (e.g., the Texas Public Information Act) or for authorized investigations.
• Consequences of Violations: Failure to comply with these policies will result in disciplinary action (PS-8).
  • Students: Violations are handled by the Student Conduct Office and can result in sanctions up to and including expulsion.
  • Faculty and Staff: Violations are handled through Human Resources and can lead to disciplinary action up to and including termination of employment.
  • Contractors/Third Parties: Violations can result in immediate revocation of access, termination of contracts, and potential legal action.

Protecting the Texas A&M network is a shared responsibility. By understanding and adhering to these rules, you help ensure that this vital university asset remains secure, reliable, and effective for the entire Aggie community.