The rules for the use of IT services are binding and binding on all members of the SeAMK community, users of IT services and information systems.
The rules apply to all SeAMK equipment, IT services and their use. They also apply to services the use or authorization of which has been obtained through SeAMK. Such services include, for example, CSC services such as HAKA, Funet, etc.
Authorization is granted by granting a user ID or making the service available.
Authorized persons are allowed to use SeAMK’s IT services. Adherence to the rules for using IT services is a prerequisite for access.
- The access rights to IT services depend on the user’s position and tasks (roles) in SeAMK.
- A person can have multiple roles at the same time.
Authorizations are for a limited time
The license expires when
- The person no longer belongs to SeAMK.
- An authorization granted for a limited period of time shall expire.
- The role of the person changes so that there are no longer grounds for authorizing the use of the IT service.
Authorization may be restricted if there is a reasonable suspicion that data security may be compromised or misused.
The user must retrieve their personal emails and files before the IT service access expires. SeAMK deletes the files and the mailbox after a certain period of time after the use of the ID or the access expires. A member of staff must transfer messages and files related to their work to a person agreed with the supervisor. This also applies to a student who has worked on a project, for example.
Everyone must remove software licensed for home use as a personal or student benefit at the end of their employment or right to study.
- The user is identified by a username / user account
- Each user must have a unique identifier in IT services that require identification.
A group ID can be issued on application for a special purpose
- The applicant for the group ID is responsible for providing the ID
- The group ID may only be used for the purpose for which it was issued
- Each user of the group ID is responsible for his or her own use of the ID
Everyone is personally responsible for their user account
Usernames must be protected with a strong password or otherwise as instructed. If a password or other identifier is suspected to be in the wrong hands, the password must be changed or the use of the identifier prevented immediately.
- The user account must not be shared with another person
- The user is responsible for all use of his user account
- The user is financially and legally liable for any inconvenience or damage caused by the use of the user account
- The use of another person’s account is prohibited.
User rights and responsibilities
IT services are intended for work and study.
SeAMK’s IT services are intended as a tool for tasks related to studying, teaching, projects or administration at SeAMK.
Private use is allowed to a limited extent
Minor private uses are permitted, such as private e-mail conversations and use of online services.
However, private use is not allowed:
- to interfere with other use of the system
- to be in violation of the rules and instructions for use.
Commercial activity or publication is not an acceptable private use
However, a signed, written waiver may be sought from the Security Management Team or the Chief Information Officer, as appropriate.
- Commercial use is only permitted on behalf of SeAMK
- Use for election advertising or other political activities is prohibited
- Use for any preaching activity is prohibited
- Unnecessary use of resources is prohibited
Laws must be obeyed
- Illegal or unethical material may not be published, transmitted or distributed.
- The collection / compilation of data on devices or persons is prohibited
Everyone has the right to privacy
However, privacy does not extend to all work-related material that a person holds.
- The material held by the student is interpreted as private.
- Staff should keep private material clearly separate from work-related material. e.g. in a directory named “private”
- This rule also applies to a student who is in a project at SeAMK.
Everyone is responsible for data security
Detected or suspected security breaches and misconduct should be reported to the helpdesk without delay. firstname.lastname@example.org
- Your personal password should never be shared with anyone
- Everyone is bound by the obligation of professional secrecy with regard to confidential information
- Spying on, exploiting, retrieving or disseminating information belonging to others is prohibited.
SeAMK has the right to restrict or prevent the use of IT services as a safeguard.
Setting up an unauthorized service is prohibited
Only devices approved by SeAMK may be connected to SeAMK’s telecommunications network. Services may be provided in SeAMK’s networks only with the permission of SeAMK.
Bypassing security mechanisms is prohibited
No access rights may be used for illegal or unauthorized activities, such as searching for security holes, unauthorized decryption, copying or modifying communications, or intruding on information systems.
Parts or features of information systems that are not clearly made available to the public shall not be used. These include maintenance tools or features blocked by system settings.
The change will only be announced through the usual information channels, not in person.
Deviation from the rules of use
Permission to deviate from the rules of use may only be granted on the basis of a written application and for a valid reason. The Security Management Team or the Chief Information Officer may allow the deviation. The permit may contain conditions, restrictions and additional responsibilities.
The control of the usage rules is the responsibility of the information management, the owners of the services and IT services, and the supervisors for each part. Violations are penalized in accordance with the IT Violation Follow-up Policy.
The rules and instructions concerning IT services are available on SeAMK’s Intranet.