User Responsibilities - Acceptable Use Policy (AUP)
As with other aspects of campus life, members are expected to know, understand, and abide by certain policies in their daily use of the Institute’s computing, network, and information resources.
By becoming a member of the EUI you implicitly agree to said policies.
Some of these policies are driven by legal requirements, others are based on the fact that the network is a shared resource or are inspired by common sense about respecting the rights of others in the EUI community.
The following chapters are summaries of the major relevant policies, with links to the complete texts. Altogether they form the EUI's IT Acceptable Use Policy(AUP).
We encourage you to follow these links and read the complete set of ICT Service Policy Documents.
Index
- Never leave computers unattended while logged-in.
- Never unplug the network cable from the rear of the computer and/or wall socket.
- Regularly backup your data.
- Do not store data locally. This will prevent loss of data in instances of hardware failure and facilitate the safe re-cloning of the computers.
- Turn off your computer when leaving the Institute for the day ( EUI Green Policy) unless you are sharing a printer or using a remote connection off campus.
Digital reproduction and distribution of copyrighted materials is against international law.
- Take care when reading emails with attachments and/or password requests as they could be Phishing attempts (IT User Support NEVER asks for your account password!).
- Do not forward emails with attachments you are unsure of or which have come from an unknown/not trusted/unidentified source as they could contain Malware or be Spam.
- It is prohibited to transmit unsolicited commercial or advertising content (Spam).
- Never leave computers unattended while logged-in.
- Users have an obligation to install virus scanning (anti-virus) software and keep it updated.
- Users have an obligation to keep the operating system updated for the latest security patches.
- Take care when reading emails with attachments and/or password requests as they could be Phishing attempts (ICT User Support NEVER asks for your account password!).
- Do not forward emails with attachments you are unsure of or which have come from an unknown/not trusted/unidentified source as they could contain Malware or be Spam.
- (For Personal Laptops ONLY) Use a firewall software (such as Windows Firewall).
- Make backups of important files and folders.
- Use strong passwords, change your password often and NEVER provide your password to anyone, not even the IT User Support.
- Take care when browsing the Web.
- Be careful when downloading and installing software from the Web.
For more information, visit the Information Security page.
- The EUI network services and wiring cannot be modified or extended beyond their intended area of use, which consists of one computer per network socket.
- The EUI wireless network services and wiring cannot be modified or extended beyond the intended area of use.
- It is forbidden to install hubs, switches or any kind of hardware or software devices with the intent to duplicate and/or share access to the Institute's network. It is also prohibited to install Wi-Fi equipment for sharing network access or resources of any kind.
- The EUI network cannot be used for any commercial purposes or to provide Internet or EUI network access to anyone outside the EUI community for any purpose.
- Falsifying or otherwise misrepresenting one's identity via email or any other form of communication is a violation of law. This includes forging IP addresses or ethernet adapter addresses to conceal your computer's identity.
- Any unauthorized attempt to access or interfere with another computer (on- or off-campus) and/or breach users' privacy is prohibited.
- Users who own laptops configured by other universities should contact that university's helpdesk for any assistance in accessing the EUI's network.
For further information, see Network Policy.
- The login (computing account)/password combination identifies a single individual and is reserved for that individual, who is personally responsible for it.
- Passwords must conform to the complexity requirements laid down in the Strong Password Policy.
- Passwords should never be disclosed and it is strongly suggested that users change their password frequently, at least every 3-6 months.
- Passwords should not be composed of names or other terms easy to guess or generate automatically (such as any dictionary entry).
- It is recommended that you adopt passwords which are easy to use even when changing from QWERTY and AZERTY to other keyboard layouts.
- Never leave computers unattended while logged-in.
- Information containing one's password should never be stored locally on any public access computer (EUI Computer Room, internet café, etc.) .
- Users should not attempt to deal with hackers or hacking themselves but should instead report any suspicious activity to ICT Service staff, preferably to the nearest ICT User Support officer.
For further information, see Strong Password Policy and EUI Policy on Combating I.T. Resources Misuse and Hacking.
To facilitate remote patch management (system and security updates) and cloning (full software configuration update), members of the Institute are asked:
- Never to unplug the network cable from the rear of the computer and/or wall socket.
- Not to stop any ongoing update process, should this not be running "silently" or seamlessly.
- Never to store any data locally onto the machine (drive C:).
- Not to install any unsupported software on EUI computers.
For further information, see Remote Patch Management and Cloning Policy.
- Never leave your devices unattended while logged-in.
- Users should check the ICT Service website for instructions on how to configure their personal devicess to access the EUI's IT resources (shared areas, LAN, WiFi, etc.) before asking the user support for help.
- Users who need help getting their personally-owned devices connected to the EUI should contact Portable Device Support.
- Users have an obligation to install virus scanning software and keep it up to date.
- Users have an obligation to keep the operating system updated with latest security patches.
- For devices configured for and/or owned by other institutions, it is the responsibility of the user to obtain permission for any settings to be changed. If Portable Device Support staff make changes to these settings to allow connection to the EUI network, it is the responsibility of the user or the user's institution to reset them when returning to that institution.
- Backing up data and ensuring the security of one's own device by means of anti-virus, firewall, operating system updates, etc., are the sole responsibility of the laptop owner.
For further information, see Personally-owned Device Policy.
- Ensure that the research you carry out using EUI research software complies with the EUI Code of Ethics in academic research.
- Do not distribute personal licences for software provided and/or licenced by the EUI.
- Remove/uninstall any EUI provided software once you are not eligible anymore.
- Remove/uninstall any EUI provided software once your affiliation status to the Institute ceases.
- Make regular back-ups of your work / research output.
- Download and/or save any research output from software applications which you will no longer have access to after your EUI affiliation to the EUI has expired.
To avoid misuse of IT resources, members of the Institute are asked:
- Never to leave computers unattended while logged-in.
- Not to try to access restricted areas and systems if unauthorized and/or circumvent or defeat any mechanism put in place by the ICT Service to manage the network.
- Not to deliberately inject malware (viruses, worms, trojans, diallers, keyloggers, etc.).
- Not to create and distribute (share) obscene, offensive, indecent, defamatory or any other content(s) which may offend human dignity, above all with respect to gender, race or (religious) belief other than for justified research purposes.
- To adopt any national (Italian) and/or European regulation, including social conventions (netiquette) prohibiting illegal or offensive activities.
- Not to use peer-to-peer (P2P) or any other (sharing) software which may hinder bandwidth and/or breach security.
- Report any suspicious activity to ICT Service staff, preferably via EUI Helpdesk or nearest ICT User Support Office.
To facilitate the support process by the ICT User Support, Portable Device Support, Print Support and Telephone Support, members of the Institute are asked to:
- File any support request via EUI Helpdesk.
- Provide detailed information regarding any service request.
- Be physically present/available, if the user's login is required.
- Close all software/files and log off the computer if user's login is not required.
- Give consent to the support staff to access the computer remotely if requested.
- Notify the support staff well in advance for any predetermined assistance required (i.e. before holiday breaks).
- Back-up and secure their own data beforehand: neither support staff nor the ICT Service are responsible for any lost data.
- Make sure they have a proper power supply and administrator privileges if bringing in a laptop.
- Check the ICT Service homepage and/or EUI Helpdesk frequently for any last-minute communication and/or particularly for links to self-help assistance.
- Contact Research Software Tutors for methodological assistance on research software available on Institute's computers.
For more information, visit the ICT User Support page.
EUI members as well as Guests infringing the above rules and regulations face sanctions which may vary from temporary suspension to termination of service(s) or of the personal computing account itself.
In the event of significant or repeated violation of the present guidelines, the Head of the ICT Service will lodge a complaint to the disciplinary Committee of the EUI according to the Disciplinary Regulations.
Because of its potentially serious consequences for the work and well-being of the Institute, hacking will be generally regarded as gross misconduct. Where hacking is a criminal offence, offenders may also be liable for criminal prosecution.
Violation of copyright held by individuals and corporations or other entities can result in civil and criminal liability on the part of the infringer. Also, distribution of Internet viruses, worms, and Trojan horses can lead to civil and/or criminal liability.
Page last updated on 07 October 2020