(Based on Cornell University policy)
Rules of behavior, also referred to as acceptable use policy, instruct people about acceptable ways in which they may and may not use information technology (IT) systems. These rules communicate to every individual (including management, administrators, federal personnel, and contractors) accessing IT resources their role in protecting those resources, and advise them of their obligations.
This documents describes such rules for users accessing the VirtualRDC servers.
Users accessing any system are to be held individually accountable for their actions
and may be subject to administrative penalties and termination. In particular, this means that the following are not acceptable actions:
- Do not share login IDs and passwords (unauthorized use).
- Your login ID and password are provided only for your use. If you share your login ID with anybody else, then you are giving them access to services they are not authorized to use. If such sharing is detected, your login ID may be deactivated.
- DO NOT SHARE YOUR PASSWORD WITH ANYONE.
- If you suspect that someone may have discovered your password, change it immediately.
- DO NOT USE ANYONE ELSE’S PASSWORD.
- Using someone else’s password to access services or data is also a violation of policy, regardless of how the password was obtained.
Use of university computers, communications systems, data, and other information is meant for authorized purposes. Unauthorized use of university equipment is prohibited. Users are given access to VirtualRDC systems based on the need to perform research-related tasks. Other uses may be prohibited if they contravene Cornell University policy. In particular, the following activities are expressly prohibited:
- Commercial activity
- Releasing a virus, worm or other program that damages or otherwise harms a system or network
- unauthorized access to data or files even if they are not securely protected, or attempts to gain such access
Users should understand that some data processing or system administration activities may have higher priority than their own data processing activities. System administrators will be sensitive to program activities when scheduling downtime. System administrators may from time to time ask some users to schedule their jobs differently in order to accommodate the requirements of other users with higher priority tasks.
End-User Software Use
Users are not allowed to install any software.
Monitoring of Usage
Any or all uses of this system and all files on this system may be intercepted, monitored, recorded, copied, audited, inspected, and disclosed to your employer, to authorized site, government, and law enforcement personnel, as well as authorized officials of government agencies, both domestic and foreign.
By using this system, the user consents to such interception, monitoring, recording, copying, auditing, inspection, and disclosure at the discretion of such personnel or officials. Unauthorized or improper use of this system may result in civil and criminal penalties and administrative or disciplinary action, as appropriate.
Users are encouraged to complete an Information Technology Security Awareness Training session annually. This may become a requirement at a later time.
IT Security Incident Reporting
If you are aware of an IT security incident, or what you may think to be an IT security incident, you must contact the VirtualRDC administrators immediately.