Guidelines for the use of network and computing resources at CEU

Computer and Network Usage Policy

The Central European University (CEU) maintains a computer network and connections to the Internet as a service to the members of the CEU community. The CEU computer network consists of a backbone network, local area networks, shared computers as well as many personal desktop computers. Most of the computers on the network are available to all members of the CEU community: faculty, students and staff.

The Information and Technical Support Unit (ITSU) provides access to the network and maintains the equipment. As part of this role, ITSU aims to insure that rights and responsibilities connected to computer usage are not violated.

Access to networks and computer systems imposes certain responsibilities and obligations. Appropriate use should always be legal, ethical, and reflect academic honesty and community standards, and show restraint in the consumption of shared resources. It should demonstrate respect for intellectual property; ownership of data; system security mechanisms; and individuals rights to privacy and to freedom from intimidation, harassment, and unwarranted annoyance. Users of the computing facilities and the network can also expect certain rights.

Privacy

All members of the community have the right to privacy in their electronic mail. However, if a user is suspected of violations of the responsibilities as stated in this document, their right to privacy is superseded by the University's requirement to maintain the network's integrity and the rights of all network users. It must be recognized that electronic communications are by no means secure, and that during the course of ordinary management of computing and networking services, network administrators may view user files.

Safety

While harassment or unwanted and unsolicited contact cannot be controlled on the network, users must be aware that there are many services on the Internet that might be considered offensive to groups of users, and therefore network users must take responsibility for their own navigation of the network.

Intellectual Freedom

The network is a free and open forum for expression, including points of view that might be considered strange, unorthodox, or unpopular. The network administrators place no official sanctions upon the expression of personal opinions on the network. Students are free from censorship in expressing their views, as long as their views are not represented as the official viewpoints of the University.

There are also responsibilities that must be met as part of the privilege of network access. Network users are expected to live up to these responsibilities. If you knowingly violate a network responsibility, your network access will be suspended. Depending on the seriousness of the violation, you could be referred through the University disciplinary procedure process. Violations that also violate Hungarian state laws will result in referral to the appropriate legal authority.

1. Game playing: Limited recreational game playing may be tolerated only within the limitations imposed by the respective departments. CEU computing and network services are not to be used for extensive or competitive recreational game playing. Recreational game players must give up their seat when others who need to use the facility for academic or research purposes are waiting.
2. Computer accounts, passwords, and other types of authorization are assigned to individual users and must not be shared with others. You are responsible for any use of your account and for the security of your password. This includes changing it on a regular basis and making sure no one else knows it.
3. You must not use a CEU computer account that was not assigned to you. You may not try in any way to obtain a password for another user's computer account. You may not attempt to disguise the identity of the account or machine you are using.
4. Special access to information or other special computing privileges are to be used in performance of official duties only. Information that you obtain through special privileges is to be treated as private.
5. When you cease being a member of the CEU community (graduate or terminate employment), or if you are assigned a new position and/or responsibilities within CEU, your access authorization will be reviewed. You must not use facilities, accounts, access codes, privileges, or information for which you are not authorized in your new circumstances.

Behavior that is harmful to these goals or which adversely affects the University's mission is subject to sanctions as outlined by CEU policy. Harmful behavior that is subject to sanction which includes, but is not limited to, the following:

1. No one may, under any circumstances, use CEU's computers or networks to to annoy, harass, terrify, intimidate, threaten, offend, bother, libel, or slander any other person.
2. You should always use computing resources in accordance with the high ethical standards of the CEU community. Academic dishonesty (plagiarism, cheating) is a violation of those standards.
3. The following harmful activities are prohibited: creating or propagating viruses and worms; disrupting services; damaging files; intentional destruction of or damage to equipment, software, or data belonging to CEU or other users; and the like.
4. You must not use CEU network resources to gain or attempt to gain unauthorized access to remote computers.
5. You must not deliberately perform an act which will deprive another user of authorized resources, seriously impact the operation of computers, terminals, peripherals, or networks. This includes, but is not limited to, tampering with components of the network, blocking communication lines, or interfering with the operational readiness of a computer.
6. You must not attempt to circumvent data protection schemes or uncover security loopholes; gain unauthorized access to systems by using knowledge of a special password or another user's password.
7. You must abide by the terms of all software licensing agreements and copyright laws. In particular, you must NOT make copies of copyrighted software, unless CEU has a site license specifically allowing the copying of that software. Furthermore, you must not copy site-licensed software for distribution to persons other than faculty, staff, and students, nor may you copy site-licensed software for use at locations not covered under the terms of the license agreement.
8. You must not deliberately perform acts which are wasteful of computing resources or which unfairly monopolize resources to the exclusion of others. These acts include, but are not limited to, sending mass mailings or chain letters, creating unnecessary multiple jobs or processes, obtaining unnecessary output or printing, or creating unnecessary network traffic. Printing excessive copies of any documents including resumes, thesis, and dissertations is also prohibited.
9. The following type of information or software cannot be placed on any university-owned computer system:

• That which infringes upon the rights of another person.
• That which consists of information which may injure someone else and/or lead to a lawsuit or criminal charges. Examples are: pirated software, destructive software, illegal pornography, or libelous statements.
• That which consists of any advertisements for commercial enterprises.
• That which gives you unauthorized access to another computer account.

10. You must not attempt to monitor another user's data communications, nor may you read, copy, change, or delete another user's files or software, without permission of the owner.
11. You must not use any of CEU's computers, workstations, or networks for other than a University course, research project, departmental activity. You may use these resources for your studies, research work and academic carrier, but they must not be used for any other personal (for example financial, etc.) gain.
12. Any network traffic exiting the University is subject to the acceptable use policies of the network through which it flows, as well as to the policies listed here.

In general, commercial use of external networks is prohibited. All users and units have the responsibility to report any discovered unauthorized access attempts or other improper usage of CEU computers, networks, or other information processing equipment. If you observe, or have reported to you, a security or abuse problem with any CEU computer or network facilities, including violations of this policy, take immediate steps as necessary to ensure the safety and well-being of information resources. For example, if warranted, a system administrator, or the HELPDESK should be contacted to temporarily disable any offending or apparently compromised computer accounts, or to temporarily disconnect or block offending computers from the network. If a person appears to have violated this policy, and (1) the violation is deemed minor, and (2) the person has not been implicated in prior incidents, then the incident may be dealt with at the unit level.

Reports of subsequent or major violations will be forwarded to Academic Affairs, the Student Council, or the employee's relevant management person for the determination of sanctions to be imposed. Persons in violation of this policy are subject to the full range of sanctions, such as the loss of computer or network access privileges, disciplinary action, up to and including dismissal from CEU, and legal action.

Some violations may constitute criminal offenses, as outlined in Hungarian laws (e.g. reading letters sent to others); CEU will carry out its responsibility to report such violations to the appropriate authorities. Appeals should be directed through the already-existing procedures established for employees and students. The managers of the CEU computer network have the responsibility to enforce this policy.

If a user is suspected of violations, or the integrity of the system is in danger, their right to privacy is superseded by the University's requirement to maintain the network's integrity and the rights of all other network users. The action taken by the manager may include, but not limited to: suspending the right of any particular user to the access of computers; deleting users files which are not consistent with the present policy; blocking programs causing unaccepted large network traffic (huge e-mails).

It must be recognized that electronic data storage and electronic communications are by no means secure, and that during the course of ordinary management of computing and networking services, network administrators may view user files.