These binding rules concern all users. Including you.These rules apply to the use of all of the University's IT services, hardware, software and networks. The University authorises users to access its IT services by granting user IDs (user accounts) ormaking services available.Every user is personally responsible for all use of the services with his/her user ID. The provided IT services are intended for work- and study-related use.They may also be used for personal purposes within reason and in keeping with laws and goodpractices.Other users' privacy and ownership of information must be respected at all times. Use of the services for any commercial or propagandistic purposes is forbidden. Unauthorised use is forbidden.Use of services is monitored, and breach of these rules will be sanctioned.
The Rules of IT Service Use bind and obligate all members of the university community, users of ITservices and systems, and all units of the University.These rules apply to all of the University's IT services and hardware, and the use thereof, also including services made available or authorised by the University. Examples of such services are CSC's services HAKA, Funet, etc.
Authorised users are allowed to use the university's IT services. Compliance with the Rules of IT Service Use is a prerequisite for authorisation.– The scope of usage authorisation depends on the user's status and tasks (roles) at the University– one person may have several roles
The authorisation expires when– the person is no longer a member of the university community– the granted fixed term user ID expires– the person's role changes, and the new role does not make him/her eligible to use the IT services.Usage authorisation can be restricted if there is justified reason to suspect that information security has been compromised or the services have been abused.The user must remove all personal e-mails and files from the system before the expiry of his/her usage authorisation. The University will delete all files and mailbox contents when pre-determined notice period have passed since the expiry of the user ID or usage authorisation. University staff members, as well as students who have worked in research teams or participated in other such activities, must transfer all work-related messages and files to the person specified with the supervisor.All users must uninstall any software based on employee or student licenses from their home computers when their employment or study right ends.
– Users are identified (authenticated) with the user ID (user account)
The use of group IDs can compromise the confidentiality of information. For example, in the case of using an administrator-level group ID in order to use special software in a computer lab.– The user who applies for a group ID is responsible for the distribution of the ID– group IDs may only be used for the purpose specified in the application and granted permit– every group ID user is responsible for his/her actions conducted using the ID.
User accounts must be protected using strong passwords and complying with other instructions. If there is reason to believe that a password or other account details have been compromised, the password must be changed or the use of the compromised element must be prevented immediately.– Never dispose or lend your username and password to other persons– each user is responsible for all actions conducted using his/her ID– users are financially and legally liable for any damage or loss caused using their ID– the use of another person's ID is forbidden, even upon the user's own request.
The University’s IT services are intended to serve as tools in tasks related to studies, research, teaching or administration.
Small-scale private use refers to such actions as private e-mail conversations and online service use. However, private use must never– disturb other use of the system– breach the rules and instructions of IT service use.
Special permission for these purposes can, however, be applied from IT Management.– Commercial use is only allowed in cases assigned by the University– use for pre-election campaigns or other political activities is only allowed in conjunction with the University's elections and activities of the Student Union, student organisations or trade unions– all propagandistic use is forbidden– unnecessary consumption of resources is forbidden.
– Material that is illegal or against common manners must not be published or distributed.
The right to privacy, however, does not cover all work-related material that is in an employee's possession.– All materials that are in students' possession are deemed to be private– staff members must clearly separate their private materials from work-related ones+ e.g. create a directory entitled "Private"+ this rule also applies to students working for the University.
Any detected or suspected breaches or vulnerabilities in information security must be immediately reported to CIO or other administration staff.– Personal passwords must never be disclosed to anyone– everyone is obligated to maintain the secrecy of any confidential information that may come to one's knowledge– abuse, copying and distributing other users' private information is forbidden.As a precaution, the University is entitled to restrict or revoke the right to use its IT services.
Only devices approved by the University may be connected to the IT network. Only services authorised by the University may be produced using the university's IT networks.
Usage rights must never be used for any illegal or forbidden activities, such as searching for vulnerabilities in information security, unauthorised decryption of data, copying or modifying network communications, or unauthorised access to IT systems.Parts and features of IT systems that are not clearly made available for public use - such as system administration tools or functions prevented in system settings - must not be used.
Cheating and unauthorised acquisition of information is forbidden.
These Rules of IT Service Use become effective 1.1.2014 and replace the earlier version of corresponding rules. After the date specified above, all new IT services must be produced according to these rules.
These rules will be reviewed when needed to ensure that they comply with all valid services and laws. Any significant changes to these rules are addressed according to the co-operation procedure. CIO makes decisions concerning change needs.Information about changes is distributed using the regular communication channels, never personally.
Permission for exceptions from the Rules of Use can be granted for compelling reasons upon a written application. Exceptional permits are granted by CEO (Chief Executive Offirer of Lapland UAS or CIO. The permits may include additional terms and conditions, restrictions and responsibilities.
Compliance with the Rules of Use is overseen by the IT department, owners of services and IT services, as well as supervisors within their job descriptions. Breaches of the rules lead to sanctions according to the Consenquences of IT Service Abuse.