1. Scope of these regulations
1.1 These regulations apply to the use of IT services at the University of Agder. IT Services is defined as: generally available computers and IT systems, end-user equipment, networks, applications, data, etc. made available by the university, including local, national and international networks or other machines and systems that you can access through such resources.
The regulations apply to employees, students and others who have access to IT services, hereinafter referred to as users.
1.2 These rules shall be posted in appropriate places, eg. computer labs, and are also available in electronic form. They may be obtained by contacting the IT department. The regulations will also be handed out at first user registration, or otherwise made known to users.
1.3. All users are required to keep themselves informed of the current regulations.
1.4 Changes in these regulations shall be made by the Board. The Director is authorized to approve minor changes. The Board shall receive a copy of any amendments made by the University Director.
2. Duty of Loyalty
2.1 When a service requires identification, users are obliged to identify themselves with their own user name, password or in any other regular way.
2.2 Users are required to follow the operations staff’s instructions on the use of IT services. Users also have an obligation to familiarize themselves with available user manuals in order to reduce the chances of malfunction or loss of data due to ignorance.
2.3 When a user's formal connection with UiA terminates, the user is responsible for ensuring that copies of data, applications, etc. belonging to the University are secured by the IT department or a local IT manager. The user is responsible for - at the latest within 3 months - to delete private files / data. If this is not done, the IT department may delete them. In case of deaths, the next of kin are notified and have access to copies of the material before deletion takes place.
3) IT Security
3.1 It is essential that users do not cause disruptions to any IT System or otherwise cause an inconvenience to other users.
3.2 Users that make use of personal storage media other than those assigned by the IT department, are responsible for securing these against data loss.. Typical storage media include local hard disk, external hard drive, memory stick etc.
3.3 Users are responsible for keeping their passwords or other security elements private and not known to others.
3.4 If a user is informed that his / her password can be identified by means of mechanical control, the user is required to change his / her password.
3.5 Users are obliged - as far as possible - to prevent unauthorized persons from gaining access to the use of the network and IT services\systems or access to rooms where IT equipment is available. Username and password must not be lent out.
3.6 Users are required to be attentive that applications or data may contain undesirable elements ("virus"), and are responsible for following the advice that the IT department provides in this area.
3.7 Users are required to report any conditions that may affect IT systems\services security or integrity to the nearest supervisor, the local IT manager and the IT department.
4. Respect for other users and privacy
4.1 A user must not attempt to gain unauthorized access to the data, applications, etc of others or seek to become familiar with others' passwords / security elements.
4.2 Users are obliged to familiarize themselves with the guidelines specifically applicable to personal information. Computer files containing information about individuals or companies or organizations (physical and legal persons) will normally only be created with the consent of the Data Protection Agency. If users wish to register personal information, they are obliged to ensure that such a register is permitted under the Data Protection Act or regulations issued pursuant thereto, or pursuant to a license granted to the University of Agder. If the register will not be permitted under these rules, users are required to apply for the necessary permit. The person responsible for the operation will be able to provide guidance about how users should respond.
4.3 Users are bound by declaration of secrecy concerning personal affairs that they become aware of through the use of IT services.
5. Proper use and resource awareness
5.1 Users are responsible for ensuring that IT resources are used effectively. Resources refer here to the time and capacity of both machines, networks and personnel related to the activities of the IT services.
5.2 Users should be very cautious with the use of IT services for activities not directly related to academic work, administration, private research, study or organizational association at the University.
5.3 Users may not use IT services to make defamatory or discriminatory statements, convey pornography or confidential information, violate privacy, encourage or assist in any illegal or unlawful activities.
6.1 Normally the use of both programs and data is dependent on privileges founded on the Service License Agreement. Users are committed to respect the rights of others. These rights include the use of musical works and other copyrighted information on the World Wide Web and other electronic information systems.
6.2 When the University makes programs, data or other materials available, users are required to respect the restrictions that are imposed by the agreement. The agreement will be available by the local IT manager or in the IT Department.
6.3 A user is not allowed to copy programs using University equipment beyond what follows by the agreements concerning rights (SLA - license). It is certainly not allowed to copy licensed software for personal use beyond what appears in the Select Agreement (Microsoft Product) or similar agreements.
7. Quality of Service and Liability
7.1 Users are responsible for the use of information, programs, etc. made available through IT services. The University assumes no liability for financial losses resulting from errors or omissions in applications, data, use of information from available databases or other information obtained through the network, etc.
8. IT services/university's right of access
8.1 IT Services/university has the right to seek access to the individual user's reserved areas in the facility with the aim of: (1) ensuring the system's functionality, or (2) to verify that users do not violate or have not violated these regulations. It is assumed that such access will only be sought when there is particular reason to suspect irregularities and when it is of great importance for the operation or the University's liability. The IT department does not have access to a user's reserved areas without special permission from the University Director.
8.2 The IT department’s inspections to ensure stable operation and to prevent unauthorized access to data is expected to take place within the framework set by rules and regulations. All inspections concerned with individual users must be registered in a journal. Reports on such inspections are to be sent to the University Director.
8.3 If the use of a workstation, terminal or other end user equipment, due to reliability or other issues, are monitored by the IT department, this shall be made public by branding the device or in another appropriate manner.
8.4 Information about users, obtained in this way, is confidential. The only exception is that information about factors that may represent a breach of IT regulations can be communicated to superiors.
9.1 In instances where these regulations are violated, the head of the IT department or his deputy may immediately revoke the student’s account and the right to use the University's computer equipment and network for up to 1 week. Similar sanctions against employees will be taken if determined by the University Director or his deputy. Such instances must be reported immediately to a superior, ie, department or section for staff and the study secretariat when students are involved.
9.2 For repeated and / or serious violations of these regulations users may be denied access to the University's IT services for a longer period of time. Such a decision is taken by the University Director when the matter involves employees and the study director when the case applies to students. They assess whether further sanctions should be implemented. Users have the right to appeal against decisions concerning access to IT-services at UiA pursuant to the Public Administrations Act.
9.3 The University Board is the Appellate Body in matters relating to staff and students.