George Brown Polytechnic is located on the traditional territory of the Mississaugas of the Credit First Nation and other Indigenous peoples who have lived here over time. We are grateful to share this land as treaty people who learn, work and live in the community with each other.
Technology and cybersecurity policies help define how George Brown Polytechnic technology assets, systems, data, and digital services should be accessed, used, protected, and managed.
This page brings together key policies to review when questions arise about AI tools, institutional accounts, data protection, cybersecurity, privacy, acceptable use, or the use of George Brown technology resources: the Cyber Security Policy and the Acceptable Use Policy. These policies should be read alongside George Brown Polytechnic’s Position on AI and Guiding Principles for AI Use.
Cyber Security Policy
The Cyber Security Policy establishes the strategy and direction for protecting George Brown technology assets and safeguarding confidentiality, integrity, and availability. The policy is intended to support information protection, regulatory compliance, risk management, education and awareness, incident response, system integrity, continual improvement, and digital inclusivity, accessibility, and equity.
The policy applies to George Brown users, including students, employees, consultants, contractors, vendors, temporary workers, guests, trusted partners, alumni, board members, and agents. It outlines responsibilities for users, including policy compliance, mandatory training for employees, incident reporting, information protection, and continuous vigilance.
This policy is an important reference when AI tools or AI-related projects involve George Brown technology assets, institutional data, access controls, third-party services, security risks, or information protection. Users should follow cybersecurity guidance, protect information based on its sensitivity and criticality, and report suspected or actual cybersecurity incidents through the appropriate channels.
The policy also outlines cybersecurity principles, including information protection, transparency and accountability, continuous awareness and training, asset security, identity and access management, cybersecurity risk management, communications security, incident management, third-party risk management, security and privacy by design, continuous improvement, accessibility, and equity.
For questions about cybersecurity or to report non-compliance or a policy violation, users should contact Information Technology Services.
Acceptable Use Policy
The Acceptable Use Policy outlines permitted and prohibited practices when using George Brown technology assets. The policy explains how George Brown information may be accessed, used, stored, processed, transmitted, and disposed of when using institutional technology assets. It applies to users of George Brown technology assets, including students, employees, faculty, consultants, contractors, vendors, guests, trusted partners, alumni, and agents.
The policy states that George Brown technology assets must primarily be used for working, academic learning, teaching, research, or support purposes. It also notes that users are responsible for using technology assets in line with George Brown policies and are accountable for actions carried out using their George Brown account.
This policy is an important reference when employees, faculty, students, or other users access AI tools through George Brown accounts, use George Brown systems to store or process information, or consider using third-party tools for academic, work, or support purposes. Users should protect their login credentials, avoid unauthorized software or hardware, use approved storage systems where required, and follow institutional guidance for secure use of technology assets.
The policy also outlines prohibited activities, including using George Brown technology assets to violate laws or policies, engage in discrimination or harassment, access or disclose information without authorization, install software without authorization, use another person’s credentials, impersonate another person, or compromise George Brown networks, systems, or resources.
For questions about acceptable use, users should contact Information Technology Services.
- Review George Brown Polytechnic’s Position on AI and Guiding Principles for AI Use
- Visit AI Tools and Technology
- Visit Microsoft Copilot
- Visit ChatGPT
- Visit Using AI Tools Responsibly