Policies: NC State

From WolfTech
Revision as of 15:09, 21 June 2006 by Djgreen (talk | contribs)
Jump to navigation Jump to search

Computer Use Policy

The computer facilities here at NC State are intended primarily for academic and administrative functions. Usage of these facilities is covered under both state and federal laws in addition to University policies and procedures. There are limits on what can be done on the computers here at NC State.

First of all, anything you do must be legal under federal and state laws. You must also not violate NC State policies or overload the NC State data network. You are disallowed from using computers for commercial gain, sending spam, or costing the University money as a result of your usage of the computers at NC State. Each department may have additional usage policies.

Data sent and stored by means of NC State facilities is subject to certain restrictions. One of those being that the University reserves the right to examine any data stored or sent on the NC State data network. Access rights can also be revoked due to violations of the University Computer Usage policies.

Please make note of the following:

  • Your account is yours, do not share it or your password with anyone else
  • The University reserves the right to monitor your traffic to ensure security and stability among the system
  • Personal usage of the computers is allowed provided what is being done is legal under federal and state laws in addition to NC State policies
  • Personal webpages may not contain paid advertisments
  • All information contained in University systems is considered public record

Copyright Infringement Policy

Copyrights are a touchy issue which seem to show up a lot of places today. Anything created with any bit of creativity is automatically copyrighted upon completion of the work. The copyright protects against copying, distributing, modifying, displaying, and performing material. It is important not to infringe upon the copyrights of others.

Copyright violations are serious matters which typically end up in court with one side losing considerable capital and credibility. Should the University be contacted about a copyright violation, they will inform the alleged violator and there is a series of steps which must be completed in order to finish the matter. The full explaination can be found at NC State's Copyright Procedure page.

Once the University has discovered there is a copyright violation on one of its pages, an attempt to establish the copyright owner will occur. Next, possible legal defenses are considered. After this, the University will try to mediate a solution to the problem. If no agreement can be reached, the material will be removed. Finally, whatever disciplinary action that needs to be taken will occur.

Copyright can be summed up as follows:

  • It is a protection of the expression of an idea, but not the idea itself.
  • Facts, words, and databases typically do not qualify for copyright.
  • Copyright begins immediately after creation of document.
  • Ownership of media does not imply ownership of copyright.
  • Most e-mails, webpages, and computer files are copyrighted.


Remember, just because something is not stated as copyrighted, does not mean that it is not copyrighted.


FINISH THIS PAGE

http://www.ncsu.edu/copyright/

Info:

As part of ongoing efforts to educate the campus community on issues related to peer-to-peer file sharing, Chancellor Fox, Provost Oblinger and Vice Chancellor Worsley issued an open letter entitled "Liability for illegal file sharing " earlier this month. The letter is intended to alert faculty and staff as well as students "of the personal risk involved with unauthorized file sharing of copyrighted material."

The letter was published in the online official Bulletin and as a full-page ad in Technician on February 13. Harry Nicholos, university agent for Digital Millenium Copyright Act (DMCA) infringement notification, will be giving presentations on the topic to the Staff and Faculty senates in March. For more information about DMCA issues, visit the newly revised Copyright Infringement site: http://www.ncsu.edu/copyright/ For more information about national efforts to curb illegal filesharing on college campuses, see http://www.educause.edu/issues/rfi/pr090203.asp

ITD Rules and Regulations

The Information and Technology Division at NC State helps create and enforce policies, rules, and regulations concerning computer usage, systems, and services. They govern campus-wide academic computing resources. This includes everything from Eos/Unity accounts to education programs to personal webpages. The details of the individual policies are listed below.

  • Eos/Unity Accounts
    • Use of the account by anyone other than the owner is prohibited.
    • Account holders are responsible for all activites on the the account.
    • Account holders are responsible for keeping passwords secure.
    • Only one RealmID will be issued per student.
  • Computing Labs
    • Those using University facilites will take proper care of equipment, including making no repairs or configuration changes to systems.
    • Recreational use during periods of light usage is permitted, but when resources are needed for academic purposed, gamers should yield the equipment.
    • Refrain from noise, sound effects, violent motion, etc. because it may distract others
  • Education Programs
    • ITD provides free education workshops to faculty, staff, and graduate students on a host of technologies each semester.
    • The Avent Ferry Convention Center may be reserved by groups in order to have access to resources.
    • There are also three labs located in D H Hill Library for usage of the Education Programs.

Nomad Wireless Usage

Wireless Network users should understand the following:

  • Running remote services (web server, ftp server, nfs server, any person-to-person file sharing services, etc) are PROHIBITED. However, users will be able to connect to such services provided elsewhere.
  • All users will be automatically logged out if they are network idle for 2 hours or are off of the network for 10 minutes.
  • All traffic to and from the Nomad System is logged and associated with the user, as permitted by the NC State Administrative Regulations, section II, G.
  • NOMAD Wireless transmissions are not encrypted--wireless network users are responsible for the security of the data transmissions they send over the wireless network. Users are strongly encouraged to use secure application-level protocols when sensitive information traverses the wireless network; otherwise, they should move to the wired network. Example secure application-level protocols are: https, ssh, scp, vpn.

https://nomad.ncsu.edu/local/wireless-aup.html

Online Safety and Security Policy

On any group of unsecured networked computers, it is possible for any one computer on the network to gain access to any or all of the other other computers on the network. This can be done via a direct attack by a cracker, a malicious hacker, or an indirect attack from a virus. This is why it is of the utmost importance for you to take the necessary security precautions. Some steps that can be taken to help ensure your online safety are: keeping all passwords unique and secret, keep current antivirus software installed, and run a firewall whenever you are on the Internet. These simple actions will help keep you safe from threats across the board.

Internet safety is not only important when it comes to crackers or viruses. It is just as important to protect yourself from lawsuits. Illegally sharing copyrighted materials, including music, movies, books, etc., can be just as dangerous as giving someone your passwords. Distribution of such files can earn you up to a $250,000 fine.

The following list presents a condensed version of safe computer practices.

  • Keep your computer software up-to-date with the latest antivirus software and patches.
  • Make backups of your important files in case something happens to them.
  • Do not violate copyrights. Piracy is not tolerated.
  • Make sure you read the End User Liscense Agreements for all software you install.

Unity Accounts

Move to UnityID page A Student's RealmID Account is their link to NCSU's Information Technology. All incoming students automatically have an account created for them before the begining of their first semester. Using his or her RealmID Account, a student can access Universtiy e-mail, personal file storage space, computers in Unity labs, and more. Accounts may be used for either academic or personal usage and they will remain vaild until a student is no longer registered at NC State. Accounts are disabled should a student should violate Computer Use Policy.


The following list shows some of the features of the RealmID Accounts offered at NC State.

  • 300MB of storage to be shared among IMAP, AFS, and Novell storage quotas; this includes the ability to serve a webpage.
  • Passwords must be changed regularly and kept confidential.
  • Passwords should also be complex and hard to guess for somebody else.
  • E-mail may be forwarded for a period of up to five years to another account. Send request to accounts@ncsu.edu.
  • Accounts are accessible during the summer for students pre-registered for next fall, they are active for preregistered students.
  • Co-Op and Study Abroad students retain access rights to accounts assuming they are still paying tuition.
  • Accounts are deactivated if the student is not registered by census day - the tenth day of classes for regular semesters.
  • Your account is determined by the first letter of your first and middle name, follwed by the first six letters of your last name.


Students not enrolled for on-campus courses will retain access to their accounts provided:

  • They are pre-registered for the upcoming fall semester.
  • They are participating in Life-Long Education.
  • They are actively studying abroad and registered for either ISE 900 or ISE 910.
  • They are active in a Co-op program.
  • They graduated no more than four months ago.

Violations of Policy

As users commit various violations of ITD policies, punishments have been scaled in order to take account the severity of the violation. ITD staff takes into account the severity of risk presented to the school and the ammount of damage done to systems when classifying violations. The lowest risk violations are classified as level one, medium risk as level two, and high risk are level three violations.

Level one
For committing a level one violation, users will receive an e-mail from ITS notifying them of the violation breeched and a link to the published policy. There will also be a request for a written response by the user pledging to stop the behavior. Level one violations include, but are not limited to, eating or drinking in labs, reports of offensive e-mail, minor incidents of chain mail.
Level two
These violations require that the offender discuss the incident with the investigator of the offense. Offenders will also be asked to sign a document acknowledging that they understand the rules and regulations. Violations include not responding to level one warnings, account sharing, spamming, and port scanning.
Level three
For level three violations, the offender will be sent to the appropriate University officials (Student conduct for cases of student offenders). Level three violations include denying access to users, interfere with regular network operations, infringe copyrights, and forging e-mails.

Loss of access to account, service, machine, etc. - Section V of NC State's Administrative Regulations-Computer Use states that "a University system administrator (or designees) may suspend a user's access privileges or suspend services to a computer, for as long as necessary to protect the University's computing resources, to prevent an ongoing threat of harm to persons or property, or to prevent a threat of interference with normal University functions." In such a case, ITD staff will observe the following:

  1. The user will be sent either an electronic or a written note communicating the suspension, the reasons for suspension, and when the suspension may be discussed with an administrator.
  2. The user must be given a chance to meet with the system administrator at his or her earliest convenience. The system adminstrator will review his or her decision after this meeting.
  3. Following the meeting, the user will be sent notification of the system administrator's decision. The user will also be notified that he or she may appeal to the system adminstrator's immediate supervisor.

In order to maintain accurate records, ITD staff keeps a restricted-access database of all violations that come to their attention. Although they are not publicly accessible, these records may be used by appropriate officials during disciplinary or legal proceedings.

Web Accessibility

See information here

Network Scanning

Campus Policy Regarding Running Network-Based Security Software

  • Campus computing and network administrators have the authority and responsibility to run programs or take other actions for support and security of the campus environment. Advanced notification to appropriate unit administration and support personnel is required for all actions which might reasonably be expected to pose a risk to production work. Prompt notification is required of mistakes or unexpected results which negatively impact production work.
  • College and departmental administrators should restrict actions to their domain of responsibility except by mutual agreement with other affected domain peers.
  • Students are not allowed to run network based security analysis programs such as Satan and doing so will subject them to disciplinary action.
  • These programs are a fact of life and NCState.Net will test and investigate such programs as necessary to identify risks and corrective and/or protective measures. As stated above, NCState.Net will provide advanced notification to appropriate unit and support personnel when there are reasonable expectations that risks to production work may be involved.