Home  l  Role & Plan  l  News & Updates  l  Policies  l  Helpdesk  l  Sections  l  Asset Systems  l  Location  l  Cisco Academy  l  
USP Home » Information Technology Services » Policies

Print


Quick Links
» Lab Bookings
» W32/Korgo.x worm
» W32/Bagle.ag@MM worm
» Staff Dialup Access
» Security Tips




Conditions of Use of Computing and Networking Facilities

The Committee approved Paper CITC1/04/6 Use of Computing and Networking Facilities (Revised). Included with the policy statement were

  1. Code of Practice in the USE of Computing & Network Facilities
  2. Code of Practice for Specific Activities
  3. USP Policy governing the use of Computer Facilities, and
  4. University Policies on E-Mail distribution (tabled at the meeting).

 

 

University of the South Pacific

  1. Conditions of Use of Computing and Networking Facilities.

    1. It is the policy of the University that its computing and networking facilities are intended for use for teaching, learning, research and administration in support of the University's mission. Although recognising the increasing importance of these facilities to the activities of staff and students, the University reserves the right to limit, restricts, or extends access to them.
    2. All persons using the computing and networking facilities shall be responsible for the appropriate use of the facilities provided as specified by the "Codes of Practice" of this policy, and shall observe conditions and times of usage as published by the Administrator of the system.
    3. It is the policy of the University that its computing and associated network facilities are not to be used for commercial purposes or non-University-related activities without written authorisation from the University. In any dispute as to whether work carried out on the computing and networking facilities is internal work, the decision of the Vice-Chancellor or his delegate shall be final.
    4. The user will not record or process information, which knowingly infringes any, patent or breach any copyright.
    5. The University will endeavor to protect the confidentiality of information and material furnished by the user and will instruct all computing personnel to protect the confidentiality of such information and material, but the University shall be under no liability in the event of any improper disclosure.
    6. The University will endeavor to safeguard the possibility of loss of information within the University's computing and networking facilities but will not be liable to the user in the event of any such loss. The user must take all reasonable measures to further safeguard against any loss of information within the University's computing and networking facilities.
    7. If a loss of information within the system can be shown to be due to negligence on the part of the computing or network personnel employed by the university, or to any hardware or software failure which is beyond the user's means to avoid or control, then the Information Technology Services will endeavour to help restore the information and will not charge the user for computer time spent in such restoration.
    8. The use of the computing and networking facilities is permitted by the University on the condition that it will not involve the infringement of any patent or the breach of any copyright and the user agrees to indemnify and keep indemnified the University and each member and every member of its staff against all actions, claims, and demands for infringement of patent and or breach of copyright which may be brought or made against the University or any member of its staff arising out of or in connection with the use of the computing and networking facilities.
    9. Users of the computing and networking facilities recognise that when they cease to be formally associated with the University (e.g. no longer an employee, enrolled student or visitor to the University), their information may be removed from University computing and networking facilities without notice. Users must remove their information or make arrangements for its retention prior to leaving the University.
    10. The University reserves the right to limit permanently or restrict any user's usage of the computing and networking facilities; to copy, remove, or otherwise alter any information or system that may undermine the authorised use of the computing and networking facilities; and to do so with or without notice to the user in order to protect the integrity of the computing and networking facilities against unauthorised or improper use, and to protect authorised users from the effects of unauthorised or improper usage.
    11. The University, through authorised individuals, reserves the right to periodically check and monitor the computing and networking facilities, and reserves any other rights necessary to protect them.
    12. The University disclaims responsibility and will not be responsible for loss or disclosure of user information or interference with user information resulting from its efforts to maintain the privacy, security and integrity of the computing and networking facilities and information.
    13. The University reserves the right to take emergency action to safeguard the integrity and security of the computing and networking facilities. This includes but is not limited to the termination of a program, job, or on-line session, or the temporary alteration of user account names and passwords. The taking of emergency action does not waive the rights of the University to take additional actions under this policy.
    14. Users of the computing and networking facilities do so subject to applicable laws and University policies. The University of the South Pacific disclaims any responsibility and/or warranties for information and materials residing on non-university computer systems or available over publicly accessible networks, except where such responsibility is formally expressed. Such materials do not necessarily reflect the attitudes, opinions, or values of the University, its staff, or students.
    15. The Director of the IT Services Department may suspend any person from using the computing and networking facilities for a period not exceeding 28 days (and may recommend additional penalties to the Vice-Chancellor) if after appropriate investigation that person is found to be;
      • Responsible for willful physical damage to any of the computing and networking facilities;
      • In possession of confidential information obtained improperly;
      • Responsible for willful destruction of information;
      • Responsible for deliberate interruption of normal services provided by the Information Technology Services Department;
      • Responsible for the infringement of any patent or the breach of any copyright;
      • Gaining or attempting to gain unauthorised access to accounts and passwords;
      • Gaining or attempting to gain access to restricted areas without the permission of the Director;
      • Responsible for inappropriate use of the facilities.
    16. External work or use of the computing and networking facilities shall not be undertaken which would prevent University users from having their usual access to the facilities.


  2. Code of Practice in the Use of Computing & Network Facilities

    1. INTRODUCTION
      Standards for the use of the University's computing and networking facilities derive directly from standards of common sense and common decency that apply to the use of any shared resource. The University community depends on a spirit of mutual respect and cooperation to resolve differences and resolve problems that arise from time to time. This code of practice is published in that spirit. Its purpose is to specify user responsibilities and to promote the appropriate use of IT for the protection of all members of the University community.

    2. APPROPRIATE AND REASONABLE USE.
      Appropriate and responsible use of the University of the South Pacific computing and networking facilities is defined as use that is consistent with the teaching, learning, research and administrative objectives of the University and with the specific objectives of the project or task for which such use was authorised. All uses inconsistent with these objectives are considered to be inappropriate use.

    3. RESPONSIBILITIES.
      Users of the University of the South Pacific computing and networking facilities accept the following specific responsibilities:
      1. Security:
        • To safeguard their data, personal information, passwords and authorisation codes, and confidential data;
        • To take full advantage of file security mechanisms built into the computing systems;
        • To choose their passwords wisely and to change them periodically;
        • To follow the security policies and procedures established to control access to and use of administrative data.
      2. Confidentiality:
        • To respect the privacy of other users; for example, not to intentionally seek information on, obtain copies of, or modify files, or passwords belonging to other users or the University;
        • Not to represent others, unless authorised to do so explicitly by those users;
        • Not to divulge sensitive personal data to which they have access concerning staff or students without explicit authorisation to do so.
      3. To respect the rights of other users; for example, to comply with all University policies regarding sexual, racial, and other forms of harassment. The University of the South Pacific is committed to being a racially, ethnically, and religiously heterogeneous community.
      4. To respect the legal protection provided by copyright and licensing of programs and data; for example, not to make copies of a licensed computer program to avoid paying additional license fees or to share with other users.
      5. To respect the intended usage of resources; for example, to use only the account name and password, assigned by the Information Technology Services Department for the purposes specified, and not to access or use other account names and passwords unless explicitly authorised to do so by the appropriate authority.
      6. To respect the intended usage of systems for electronic exchange (such as e-mail, News, World Wide Web, etc.); for example, not to send forged electronic mail, mail that will intimidate or harass other users, chain messages that can interfere with the efficiency of the system, or promotional mail for profit-making purposes. Also, not to break into another user's electronic mailbox or read someone else's electronic mail without their permission.
      7. To respect the integrity of the computing and networking facilities; for example, not to intentionally develop or use programs or processes that harass other users or infiltrate the system or damage or alter the software or data components of a system. Alterations to any system or network software or data component are to be made only under specific instructions from authorised staff.
      8. To report any information concerning instances in which the University IT Policies or any of its standards and codes of practice has been or is being violated. In general, reports about violations should be directed initially to the administration of the school, area or section where the violation has occurred whereupon it will be passed on to the Custodian of the system. If it is not clear where to report the problem, it may be sent to the Information Technology Services Help Desk which will redirect the incident to the appropriate person(s) for action or will handle it directly.


    4. CODE OF PRACTICE FOR SPECIFIC ACTIVITIES.

      The following apply to specific activities.
      1. Illegal activity.
        In general, it is inappropriate use to store and/or give access to Information on the University computing and networking facilities that could result in legal action against the University.

      2. Objectionable material.
        The University's computing and networking facilities must not be used for the transmission, obtaining possession, demonstration, advertisement or requesting the transmission of objectionable material, namely:
        1. A film classified RC (refused classification), a computer game classified RC (refused classification), or a refused publication;
        2. Child pornography;
        3. An article that promotes crime or violence, or incites or instructs in matters of crime or violence; or
        4. An article that describes or depicts, in a manner that is likely to cause offense to a reasonable adult e.g.
          • The use of violence or coercion to compel any person to participate in, or submit to, sexual conduct;
          • Sexual conduct with or upon the body of a dead person;
          • The use of urine or excrement in association with degrading or dehumanizing conduct or sexual conduct;
          • Bestiality;
          • Acts of torture or the infliction of extreme violence or extreme cruelty.
      3. Restricted Material
        The University's computing and networking facilities must not be used to transmit or make available restricted material to a minor, which can be defined as an article that a reasonable adult, by reason of the nature of the article, or the nature or extent of references in the article, to matters of sex, drug misuse or addiction, crime, cruelty, violence or revolting or abhorrent phenomena, would regard as unsuitable for a minor to see, read or hear.

      4. Restricted Software and Hardware.
        Users should not knowingly possess, give to another person, install on any of the computing and networking facilities, or run, programs or other Information which could result in the violation of any University policy or the violation of any applicable license or contract. This is directed towards but not limited to software known as viruses, Trojan horses, worms, password breakers, and packet observers. Authorisation to possess and use Trojan horses, worms, viruses and password breakers for legitimate research or diagnostic purposes can be obtained from the Director of the Information Technology Services.

        The unauthorised physical connection of monitoring devices to the computing and networking facilities which could result in the violation of University policy or applicable licenses or contracts is inappropriate use. This includes but is not limited to the attachment of any electronic device to the computing and networking facilities for the purpose of monitoring data, packets, signals or other information. Authorisation to possess and use such hardware for legitimate diagnostic purposes must be obtained from the Director of the Information Technology Services Department.
      5. Harassment.
        1. University policy prohibits sexual and discriminatory harassment. The University of the South Pacific computing and networking facilities are not to be used to libel, slander, or harass any other person. The following constitute examples of Computer Harassment:
          • Intentionally using the computer to annoy, harass, terrify, intimidate, threaten, offend or bother another person by conveying obscene language, pictures, or other materials or threats of bodily harm to the recipient or the recipient's immediate family;
          • Intentionally using the computer to contact another person repeatedly with the intent to annoy, harass, or bother, whether or not any actual message is communicated, and/or where no purpose of legitimate communication exists, and where the recipient has expressed a desire for the communication to cease;
          • Intentionally using the computer to contact another person repeatedly regarding a matter for which one does not have a legal right to communicate, once the recipient has provided reasonable notice that he or she desires such communication to cease (such as debt collection);
          • Intentionally using the computer to disrupt or damage the academic, research, administrative, or related pursuits of another;
          • Intentionally using the computer to invade the privacy, academic or otherwise, of another or the threatened invasion of the privacy of another.
        2. The display of offensive material in any publicly accessible area is likely to violate University harassment policy. There are materials available on the Internet and elsewhere that some members of the University community will find offensive. One example is sexually explicit graphics. The University cannot restrict the availability of such material, but it considers its display in a publicly accessible area to be inappropriate. Public display includes, but is not limited to, publicly accessible computer screens and printers.

      6. Wasting Resources
        1. It is inappropriate use to deliberately perform any act which will impair the operation of any part of the computing and networking facilities or deny access by legitimate users to any part of them. This includes but is not limited to wasting resources, tampering with components or reducing the operational readiness of the facilities.
        2. The willful wasting of computing and networking facilities resources is inappropriate use. Wastefulness includes but is not limited to passing chain letters, willful generation of large volumes of unnecessary printed output or disk space, willful creation of unnecessary multiple jobs or processes, or willful creation of heavy network traffic. In particular, the practice of willfully using the University's computing and networking facilities for the establishment of frivolous and unnecessary chains of communication connections is an inappropriate waste of resources.
        3. The sending of random mailings ("junk mail") is discouraged but generally permitted in so far as such activities do not violate the other guidelines set out in this document. It is poor etiquette at best, and harassment at worst, to deliberately send unwanted mail messages to strangers. Recipients who find such junk mail objectionable should contact the sender of the mail, and request to be removed from the mailing list. If the junk mail continues, the recipient should contact the appropriate local support person.

      7. Game Playing.
        Limited recreational game playing, that is not part of an authorised and assigned research or instructional activity, is tolerated (within the parameters of each department's rules). University computing and network services are not to be used for extensive or competitive recreational game playing. Recreational game players occupying a seat in a public computing facility must give up that computing position when others who need to use the facility for academic or research purposes are waiting.

      8. Commercial Use
        University computing and network facilities are provided by the University for the support of its mission. It is inappropriate to use the computing and networking facilities for:
        1. Commercial gain or placing a third party in a position of commercial advantage
        2. Any non-university related activity, including non-university related communications
        3. Commercial advertising or sponsorship except where such advertising or sponsorship is clearly related to or supports the mission of the University or the service being provided.

      9. Use for Personal Business.
        University computing and network facilities may not be used in connection with compensated outside work nor for the benefit of organisations not related to the University of the South Pacific, except in connection with scholarly pursuits (such as academic publishing activities), in accordance with the University Consulting Policy or in a purely incidental way. This and any other incidental use (such as electronic communications or storing data on single-user machines) must not interfere with other users' access to resources (computer cycles, network bandwidth, disk space, printers, etc.) and must not be excessive.

      10. Additional Guidelines at Local Sites.
        The University computing and network facilities are composed of many "sites." Each site may have local rules and regulations which govern the use of computing and network facilities at that site. Each site has IT operators or administrators, who have been given the responsibility to supervise the use of that site. Users are expected to cooperate with these individuals and comply with University Policies and local site rules and regulations.

      11. Connection to the Campus-Wide Data Network.
        Most campus buildings are included in the Campus Network. To maintain the integrity of the University computing and network facilities, connections to the campus network are made only by specialised personnel under the direction of the Information Technology Services Department. Users are encouraged to attach appropriate equipment only at existing user-connection points. All requests for additional Network connections or for the relocation of a connection should be directed to the Helpdesk.

      12. Use of Desktop Systems.
        Users are responsible for the security and integrity of University information stored on their personal desktop system. This responsibility includes making regular disk backups, controlling physical and network access to the machine, and updating of virus definition files. Users should avoid storing passwords or other information that can be used to gain access to other campus computing resources. Users should not store University passwords or any other confidential data or information on their laptop or home PC or associated floppy disks or CD’s. All such information should be secured after any dialup connection to the University network

      13. Use of External Services.
        Networks and telecommunications services and administrative systems and services to which the University of the South Pacific maintains connections (e.g. Connect) have established acceptable use standards. It is the user's responsibility to adhere to the standards of such networks. The University cannot and will not extend any protection to users should they violate the policies of an external network.

      14. Printouts.
        Users are responsible for the security and privacy of printouts of University information.

      15. Policy violations
        Violations of University policies may result in restriction of access to University Information Technology resources. In addition, disciplinary action may be applicable under other University policies, guidelines, implementing procedures, or collective bargaining agreements.

      16. Responsibility for the Policy
        The Chairperson, Communication Information Technology Committee (CITC) in the Office of the Chairperson is responsible for development, maintenance and dissemination of this Policy.


Disclaimer & Copyright l Contact Us l 
© Copyright 2004. All Rights Reserved.
Page updated: Tuesday, August 31, 2004
 The University of the South Pacific
Laucala Campus, Suva, Fiji
Tel: +679 331 3900