Acceptable Use of CSE Information Technology Resources
The purpose of this policy is to define responsible and ethical behavior of CSE users in order to preserve the availability and integrity of CSE resources, and to attempt to continue to be a good "net neighbor" for other internet users. This policy applies specifically to all users of CSE equipment.
This policy is intended to supplement the University's Acceptable Use Policy (AUP), not replace it. Report conflicts between the University's Acceptable Use Policy and this policy by emailing [email protected].
This document is provided in an effort to:
- Safeguard the integrity of computers, networks, and data in CSE
- Ensure that use of CSE resources complies with CSE and University policies
- Protect CSE, its users, and the University against possible legal action
- Inform CSE users of their rights and responsibilities as users
This policy is deliberately silent on matters, such as sexual harassment; violations of federal, state, or local law; and matters covered under other University policies.
Usage Priorities
User-owned tasks fall into one of these categories:
High
- Educational and administrative uses directly related to the mission of CSE Labs and the College of Science and Engineering.
- Long-term jobs—processes that are going to take more than a few hours to run—have lower priority than other high priority tasks, but still have priority over medium and low priority jobs.
Medium
- Uses that indirectly relate to CSE or University goals, or with secondary educational or research benefit. This includes personal communications such as email.
Low
- Uses without any educational or research benefit, including game-playing, general web browsing, or other recreational activities.
Acceptable Use
- Use CSE resources consistently with stated priorities.
Some activities, such as bitcoin mining or "broadcast" email, consume a large amount of available resources and may be illegal; avoid them when possible. - Run long-term jobs using the nice command.
Long term jobs are generally discouraged on CSE workstations. There are a few instances where long-term jobs (jobs taking several hours or more to complete) must be run to reach an academic or research goal. Such jobs should be started with the nice command to lower their impact on users who are running short-term jobs interactively. In general, nice will have a very minor impact on the time taken to complete a long-term job, but will have a positive effect on other short-term jobs on the same machine. - Honor the privacy of others.
It may be possible to access file and/or network data that is not meant for you. You probably would not appreciate it if someone else were snooping through your files; don't do it to others. - Report system problems to [email protected] when you notice them.
- Periodically check your account for signs of unauthorized use such as theft of service.
Some indications include files you didn't create, directories with unusual names (like " ") and last login times you don't recognize. - Report unusual system behavior and violations of policy to [email protected] or an operator.
Strange system behavior can indicate many things, including impending hardware failure, unauthorized use of the system, intermittent network outages, etc. If things go unchecked, the system may crash or become unusable. When reporting odd system behavior, be sure to include any diagnostic output or error messages you may see. In addition to strange system behavior, system administrators need to know of any observed policy violations. The onus of reporting observed instances of policy violations, including security violations, is upon you. While anonymity in reporting policy violations is not guaranteed, your identity will not be needlessly released. - Address your questions about system usage and performance to [email protected].
CSE-IT staff not only maintain system operations, but also facilitate authorized users' use of CSE resources. - Address ethical questions about system usage to [email protected].
If you have questions about whether or not a certain activity not covered by these or other University policies is allowed, email [email protected]. We will answer your question or forward it to the appropriate authority.
Unacceptable Use
Unacceptable use includes, and is not limited to, the following:
- Do not share your account.
Your UMN Internet ID identifies you to CSE and University communities, and the Internet community. Another person using your account, regardless of whether or not you have given your permission, will be acting in your name. Anyone who knows your password can use your account. Since you are solely responsible for how your account is used, you may be held responsible if someone violates policies or laws and those activities are traced back to your account. Picking a strong password that you never share with anyone else is crucial to protecting your account. See "Create a Secure and Memorable Passphrase" for more information on "strong" passwords. If someone needs access to CSE resources, even on a temporary basis, that person should contact [email protected] and arrange for their own account. Refrain from giving your account to someone who claims to need it for administrative purposes, including a system administrator or an operator. Someone who you might think has a legitimate need to know your password will never need your password; those who might require it can complete their work without it through other means. If someone else offers you use of an account for which you do not have authorization, decline. If you discover someone else's password, do not use it. In either case, you should report the event to [email protected]. - Do not circumvent, or attempt to circumvent, system security settings.
Use of your account to subvert or change system security settings is strictly prohibited. UNIX and UNIX-like operating systems have certain vulnerabilities. Attempts to exploit vulnerabilities will be interpreted as a hostile action and your account will be deactivated. Reactivation of your account may require that you explain your actions to the Associate Dean for Research and Planning and/or a CSE-IT staff member. - Do not use CSE resources to transmit or distribute personal or private information about individuals unless you have explicit, written authorization from the individuals involved.
- Do not create programs that secretly collect information about users.
Software running on CSE resources is subject to the same guidelines for protecting privacy as any other information-gathering project at the University of Minnesota. Note that CSE-IT acknowledges that some system utilities automatically log user information, such as FTP or ssh. - Do not impersonate any other person.
Using CSE resources to impersonate someone else is improper use of resources. If you use someone else's account, you may be committing acts of fraud because the account owner's name will be attached to transactions you perform. System administrators will never ask you for your password by email, chat, or any other form of online communication. If someone claiming to be a system administrator asks for your password via an online method, be immediately suspicious and notify [email protected]. - Avoid sending anonymous email or making anonymous UseNet postings.
If you send anonymous mail or UseNet postings, realize that it is customarily considered polite to identify that your message is intended to be anonymous, or you should sign it with a pseudonym. Keep in mind that many people will give less credence to anonymous communications than to signed communications. - Do not use CSE resources to violate other policies or laws.
Computer networks offer ways to commit actions that violate laws or policies that are covered elsewhere. Some policies and laws to keep in mind include the Student Conduct Code and Title 18 U.S.C. 1030, Computer Fraud and Abuse. - Do not use your CSE account for commercial purposes.
Your CSE account exists for academic work, research, etc., only. Use of it for non-academic purposes is highly discouraged, and commercial use is explicitly prohibited. When it is discovered that an account is being used for non-academic purposes, that account may be deactivated without warning. - Do not look through another user's files without explicit permission.
File access permissions can be individually set for each file by the file owner. Many people do not realize the ramifications of leaving their files or directories open for world-readability. However, just because someone sets access permissions on a file or directory so that it is accessible to you does not automatically mean you should access it. Some users inadvertently set permissions on their data to settings that grant other users access to their data purely by accident; you should not access the data in such instances without the owner's permission. - Do not intercept or monitor any network communications that are not explicitly meant for you.
Sometimes, as part of a class, this rule is suspended. Any exceptions to this rule are granted by CSE-IT and must be in writing. With the exception of regular networking classes where network traffic monitoring is part of the curriculum, exceptions should be written to cover a specific period and be reviewed periodically. Without explicit authorization, CSE users should not intercept or monitor network communications. - Do not move a computer’s network cable to a different network jack.
Email [email protected] to request changes. - Do not physically move a computer to a different room.
Email [email protected] to request changes.
Enforcement
If you observe someone violating this policy or need clarification of an aspect of this policy, contact [email protected].
Definitions
Authorized User
- Individual or entity permitted to make use of CSE resources as specified by the College of Science and Engineering (CSE).
CSE Labs
- Computing equipment, supplies, services, etc., are provided by CSE for users of CSE Labs.
Data Owner
- An authorized user who "owns" data (ownership permissions on files are set to the user's UMN Internet ID). Staff, students, faculty, and other authorized users can all be data owners. Production files, computer applications and their files, and system files are the responsibility of the system administrators who serve as data owners or stewards of the asset.
Security Measures
- Processes, software, and/or hardware used by system administrators to assure confidentiality, integrity, and robustness of CSE Labs. Security measures include reviewing files for potential or actual policy violations; reviewing system logs; and network monitoring for evaluating distributed systems' performance, monitoring for policy or security violations, and traffic analysis.
System Administrator
- A CSE-IT employee authorized to have privileged access.
Responsibilities
CSE-IT Staff
- Maintain integrity and privacy of users' data and files.
Information stored in a user's account must be protected from unauthorized access. System administrators will not search, read, edit, or delete a user's files without explicit permission from that user. Notable exceptions are removal of files from temporary file storage areas, performing backups to safeguard file integrity, and other activities specifically relating to general system administration. Administrators may not share another user's data with anyone without the owner's explicit permission. When making non-security-related changes to a user's account, email from the user requesting the action requiring those changes may be sufficient. When making security-related changes, e.g., resetting a user's password, the user's identity must be verified. System administrators may require identification other than email from the account at their discretion, and will err on the side of caution where unauthenticated requests by email ask for potentially destructive actions to be taken to a user's account. Email from an account is not normally considered an authenticated request. - Assist users with questions regarding system operation.
System administrators assist users in overcoming problems directly relating to the system. Users should work with the system administrator to fix the problem where possible. System administrators focus first on problems with a wider-reaching impact and second on restoring problems with impact on a single workstation or user. - Keep systems maintained properly and in good working order.
System administrators are responsible for ensuring that systems are in good working order and take steps to correct problems, requesting additional assistance where necessary. - Enforce policies.
System administrators are required to enforce policies. If a violation of established policy is detected, the system administrator takes corrective action immediately. Some administrative actions, such as reactivating an account closed for security reasons, cannot be performed by student system administrators. - Treat users with courtesy and assist them in a timely, efficient manner.
Users can expect courteous, efficient solutions from system administrators. System administrators expect civil behavior from users.