Haaga-Helia user rules for IT services

Introduction

1. Haaga-Helia University of Applied Sciences aims to provide its students and staff with an excellent opportunity to use computers and networks. To ensure everyone benefits from Haaga-Helia's computing services, it is important that the following regulations on the rights and responsibilities of users and systems administrators are observed.

2. The regulations apply to the use of all IT systems and networks administered by Haaga-Helia, as well as the use of such systems for which access rights have been obtained by Haaga-Helia's IT Team. The IT team is here referred to as systems administrator.

3. Similar regulations are in force in numerous other associations which include university computing systems or are connected to such systems. Examples of such associations are FUNET, Nordunet, and the American NSFnet. The preparation of these regulations has also observed regulations compiled by other Finnish institutions of higher education (e.g. Helsinki University of Technology). The objective is to guarantee that such institutes share a common set of principles, which will help people to use IT systems and networks and find solutions to common problems.

4. The regulations are based on the following general principles:

• Everyone is entitled to use IT systems and networks in such a way that is consistent with the regulations.
• Users are not allowed to interfere with the work of other users.
• The right to privacy of users must be respected.

5. Systems administrators may supplement the regulations with specific guidelines on the use of equipment, software and networks. Example areas are:

• conferencing systems
• computers
• passwords

Responsibilities of systems administrators

1. Systems administrators are responsible for organizing a good working environment. Separately appointed systems managers carry out all practical system-related tasks.

2. Network accounts are granted to Haaga-Helia's staff as well as students.

3. The basic guidelines for the use of system recourses are available from the IT Team. Systems administrators will inform of modifications in the system and their possible effects and provide, if necessary, assistance.

4. Systems administrators are required to maintain strict confidentiality in all matters concerning IT systems and networks.

Rights of systems administrators

1. The IT team has permission to restrict and regulate the use of systems to manage its duties.

2. The named persons in charge have a right to study the user's files if the urgent clarifying of the state of the system in fault situations will require it or when the abuse of systems is doubted.

Responsibilities of users

1. To make good working conditions possible, the users have to know their responsibilities in the use of the systems. These instructions apply to the systems which require login (the machines or network stations of several users) and partly to the devices which do not require the user's identification (the microcomputers and data communications equipment).

2. Everyone must always use their own name and own username except in those cases in which anonymous use has been allowed separately. The course and group usernames that are given for a certain purpose also form an exception. The holder of the username is responsible for the fact that the username is used according to the license application.

3. The users have to take other users of the system into consideration.

4. The users have to take care of matters which are related to common information security. Even if there were no special need to protect yourself, others may have. The careful handling of the password is necessary to repel malpractices. All users have a responsibility for the overall security of the system.

5. Given instructions must be followed.

Rights of users

1. The holder of the username is entitled to use Haaga-Helia's IT equipment and networks in accordance with the educational, teaching, research, and administrative purposes of Haaga-Helia.

2. The user may offer initiatives on developing computing services to systems administrators.

3. The user may file a complaint first with the IT team and then with the Management Group of Haaga-Helia if the user is dissatisfied with the disciplinary measures taken by the systems administrators towards them.

Restrictions on use

1. Interfering with the work of other users as well as the wasteful use of computer and network capacity is prohibited.

2. The use of Haaga-Helia IT systems and network connections must comply with the educational, teaching, research, and administrative purposes of Haaga-Helia. The commercial use of computing resources is strictly prohibited. Uses that involve a fee are agreed on separately.

3. Accessing computing services without an authorized network account is prohibited. Accessing computing services with a false username as well as exceeding restrictions on account use is prohibited. The use of computing resources and networks to break into other systems is also prohibited.

4. Connecting devices to the network without the permission of the IT team is strictly prohibited. Devices that may be connected to the network are used only for the reception of personal data transmissions.

5. Altering hardware and system files is prohibited. This also applies to single-user systems.

6. Bypassing quotas and restrictions on account use is prohibited.

7. Seeking out and using known or new security openings is prohibited.

8. The unauthorized copying of programs, software, and files is prohibited.

9. Installing programs or scripts to any device in Haaga-Helia without the permission of the systems administrators is prohibited.

Misuse and its consequences

1. The misuse of IT systems refers to all such actions that

• are consistent with the stated purpose of the computing resources
• interfere with network connections or other systems that are included in this network
• violate guidelines on computer use
• use features or part of the system in such a way that is prohibited by the guideline
• are prohibited by the systems manager or owner

2. Incidents involving the misuse of Haaga-Helia's computing resources are primarily dealt with according to the internal guidelines of Haaga-Helia. If misuse is suspected, the following procedures will be observed:

• The systems administrators will contact the user and investigate the suspected misuse.
• The user may be issued a warning or the user's access privileges may be restricted or denied temporarily depending on the misuse.
• The IT Team is responsible for the above disciplinary measures. The loss of user privileges applies to misuses that have occurred within Haaga-Helia, as well as activities that have continued regardless of the warning.
• The appointed systems managers have the discretionary power to deny or restrict access to Haaga-Helia's computing services during the inquiry.
• The opinion of the user and the other parties involved are to be heard during the inquiry. The decision on possible disciplinary measures is based on the inquiry. The user is entitled to challenge this decision with Haaga-Helia's Managing Group.

3. The user should be aware of Finnish criminal law as well as copyright and national register law that contains statutes on IT use.

4. If misuse is serious or involves parties outside Haaga-Helia, a police investigation may be instigated.