Contents:
User accounts are used for access to the College
of Veterinary Medicine network services, and for access to the
university’s network and the Internet. There are three types of
accounts: faculty/staff, student, and student worker accounts. The
accounts are created on the premise that once a user has an account,
that account will be active as long as the user is employed by, or a
student of the College of Veterinary Medicine. Each account is
assigned to one user who is responsible for all actions of the
account.
2.1.
Types of Accounts
2.1.1.
Faculty/Staff
CVM faculty/staff may be assigned an account for instructional use.
Disk space for faculty/staff is provided by the College of Veterinary
Medicine. File
maintenance is the responsibility of the user.
2.1.2
Student
KSU veterinary students are authorized to have network accounts from
the College of Veterinary Medicine. This type of account has limited
access to the network resources. The student assigned to the account
will be responsible for all network transactions associated with the
assigned account.
2.1.3 Student
Workers
Student workers are authorized to have network accounts from the
College of Veterinary Medicine. This type of account has limited
access to the network resources. The student assigned to the account
will be responsible for all network transactions associated with the
assigned account.
2.2. Account States
Accounts have four
distinct states of existence. These states indicate the activity of
the account from its creation to its deletion.
2.2.1.
Creation
When an account is created, the following items are established:
·
A
unique username (also called userid). The network system administrator
assigns the username. The assigned username may not be subsequently
changed.
·
a
unique e‑mail address (username@vet.k-state.edu)
·
a
home directory for storing the user's files
·
a
user information sheet
The
user information sheet is printed for each account upon its creation.
The user information sheet contains the username, information to set
password, e‑mail address, location of the home directory, as
well as other information useful to the novice user. The user
information sheet may be picked up from the CVM Computing and
Technical Support group (CaTS) or the Network Administrator, and a
signature is required.
2.2.2.
Active
Once the user information sheet has been picked up, the account is
considered active. Accounts will remain in the active state until one
of the following criteria is met:
·
the
user has relinquished network privileges (i.e., upon graduation)
·
the
account or owner of the account has been found violating any portion
of this policy
·
the
owner of the account is no longer employed by or enrolled at KSUCVM
2.2.3.
Pending delete
Active accounts are changed to the pending delete state prior to
deletion. The pending delete state is an intermediate step between an
active account and a deleted account. In the pending delete state, all
network access will be denied and electronic mail addressed to the
account will be returned to the sender. Some files may be archived and
deleted. An account may be reactivated from the pending delete state.
2.2.4.
Deleted
When an account is deleted, the username will be considered unused and
all files belonging to the user will be deleted. Electronic mail sent
to the user will be rejected.
2.3. Sharing Accounts
Any abusive
activities initiated from your account will be traced back to the
owner of the account, and the owner will be held responsible. The
behavior of someone with whom you have shared your account becomes
your responsibility. It is, therefore, policy that College of
Veterinary Medicine network accounts are not to be shared. Each
account has one user. If users wish to share information or otherwise
collaborate in a group, then the users shall use appropriate file
permissions combined with optional group membership to share data.
2.4.
Password Selection
Perhaps the most
vulnerable part of any computer system is the account password. Any
computer system, no matter how secure it is from “hackers”, can be
fully exploited by intruders who can gain access via a poorly chosen
password. It is important to select a password that is not easily
guessed and to not share the password with ANYONE.
Here
are some suggestions for choosing a good password:
·
DON'T
use any variation of your login name (i.e., reversed, capitalized,
doubled, etc.)
·
DON'T
use any variation of your first, middle, or last name
·
DON'T
use your spouse's or child's name; this information is easier to
obtain than you might think
·
DON'T
use other information easily obtained about you; this includes license
plate numbers, telephone numbers, social security numbers, the make of
your automobile, the name of the street you live on, the room number
or building in which you work, etc.
·
DON'T
use a password of all digits
·
DON'T
use a password of all the same letters
·
DON'T
use a word contained in English or foreign language dictionaries,
spelling lists or commonly digitized texts such as the Bible or
encyclopedia
·
DON'T
use a password shorter than five characters
·
DON'T
use a colon in your password
·
DO
use a password with non‑alphabetic characters (digits or
punctuation)
·
DO
use a password that is easy to remember, so you don't have to write it
down
·
DO
use a password that you can type quickly, without having to look at
the keyboard
Methods of selecting a password which adhere to these guidelines
include:
·
choosing
a line or two from a song or poem, and using the first letter of each
word
·
alternating
between one consonant and one or two vowels, up to seven or eight
characters This provides nonsense words which are usually
pronounceable, and thus easily remembered
2.5.
Changing Your Password
Users are required
to change their password periodically. Changing your password
periodically will frustrate even the most patient intruder. The
network software will require you to change your user account password
every 6 months. You will
be notified during login when your password has expired, and you will
be prompted to change it. The procedure for changing your password at
any other time is available on the CaTS website at http://www.vet.k-state.edu/depts/cats/techinfo/password.htm.
2.6. Determining Account Misuse
Often,
users are the first persons to detect unauthorized use of their
account. If this occurs, please notify the system administrators
immediately.
There are several ways to detect unauthorized use of your account:
·
if strange files appear
or disappear in your directories
·
if you get mail from
someone referring to a mail message you did not send
2.7. Account Requests
Requests for
accounts or changing account information can be made to CaTS by
calling 2-4725 during normal
work hours. The requests are typically processed in the morning with a
one-day turnaround.
2.7.1. Requesting a new account
Users must request a new account by completing a New Account Request
form. Information must include:
·
proof of current
enrollment or employment
·
student or employee
identification number
·
student or employee
classification
·
year or department
The
application a for new account requires that the user sign an agreement
stating that the user understands and will abide by all policies
regarding the use of the Kansas State University College of Veterinary
Medicine network.
2.7.2. Requesting additional group
membership
There are times when a group of users need to work together on
projects. If a group of users wishes to share data only among
themselves they can become members of a new group.
Requests for new groups can be made with proper justification
of the purpose of the group and identification of a user who will be
responsible for who the group members will be, and the deletion of the
group after the project is completed.
2.7.3. Requesting a
new password
Sometimes users forget their password. If this happens, a new password
can be given to the account. The Request for New Password form
requires proof of enrollment/employment and photo identification
(preferably a student or employee ID).
3.1. Physical Access to Equipment
Many College of Veterinary Medicine
faculty and students have access to network resources. These resources
may be printers, workstations, PCs, network wiring or connection
equipment, etc. Anything that is connected to the network can be
considered a resource. Some of these resources are necessarily kept
physically secure. Others may be readily accessible to the public at
all times.
3.2.
Access to Networked PCs
General access to
networked PCs for College of Veterinary Medicine network users is
currently limited to the Trotter Hall computer lab, and the computing
lab in Mosier Hall. Trotter Hall lab hours are the same as those of the Vet Med
Library, except that the lab closes ˝ hour before the library each
evening. The lab is
occasionally reserved for classes and exams.
3.3. Access via the Internet
Wide-area
a
ccess to College
of Veterinary Medicine network services is limited to access via the
CVM World Wide Web server and FTP servers.
3.4. Adding Resources to the Network
The
a
ddition of network resources (as stated in 3.1 above) to the College of
Veterinary Medicine network, should be coordinated with CaTS. This
includes workstations, microcomputers, networked printers, or any
other computing and networking hardware.
4. User Rights and Responsibilities
4.1. Use of Licensed Software
There is a large quantity of
copyrighted and licensed software available for use on the College of
Veterinary Medicine network. Typically most of the application on the
network are for use throughout the college. However, some software may
be licensed only to a particular group. Other software may have a
"floating node" license that limits the number of concurrent
users. Copyrighted and licensed software and documentation may not be
duplicated unless it is explicitly stated that you may do so. If you
have any doubts about what can be copied, please call the CaTS hotline
at 2-4725.
4.2.
Use of Storage Resources
The file servers
on the College of Veterinary Medicine network have a large, but
finite, amount of disk space. If a user consumes large amounts of disk
space, others will be affected. There are limits set on the shared data volumes so that this
will not become a problem. If
you require more space than the allocated amount, departments may
purchase more space for their use.
4.2.1.
Methods for reducing disk usage
The best way of reducing your disk usage is to delete any unused
files. Good candidates for deletion are backup files (i.e. file.bak,
file.old, file.tmp). If you have
a large volume of picture files (i.e. file.bmp, file.jpg, file.gif),
back them up to disk, tape, or CD.
4.2.2. Disallowed
files
The following file types should not be transported, stored, printed,
or otherwise exist on any of the College of Veterinary Medicine
network servers:
·
files
not used for the purposes of education,
research, or extension
·
scanned,
copyrighted material
·
GIF,
JPEG or other image files not used for academic purposes
4.3. Use of Printing Resources
Many printers are
available to network users for print services. The types of printers
vary from ASCII line printers to PostScript laser printers and
full-color copiers. There is a color printer available at the
Instructional Technology Center (ITC) in 1 Trotter Hall for color
overheads, glossies, and prints. Contact
ITC for service and pricing. Only those printers operated by CaTS and
designated as general use printers are subject to the usage guidelines
herein. The following
activities should be avoided:
·
printing
multiple copies of the same document; use copy machines instead
·
loading
or printing any media for which the printer is not designed to use;
prohibited materials include resume paper, transparencies, envelopes,
etc.
·
printing
manual pages from online documentation such as WordPerfect; most
documentation sets are available in hardcopy from CaTS or in the
public access
laboratories
·
any
activity which could harm the printer or print server
·
any
activity which would deny the service of the printer to others
4.4.
Use of Archiving Resources
Several methods
exist for making permanent archives of data on the network. Every PC
has a 1.44Mb floppy disk drive, which will accept high-density
3.5" floppy disks. The
use of tape backups or Zip and Jaz drives is also a good
idea. ITC offers
CD-recording services.
4.5.
Use of Remote Non‑Veterinary Medicine Resources
The CVM network is
directly connected to the Kansas State University network. There are
services provided to CVM users by other divisions of Kansas State
University. CVM network users are bound by the policies of the
resource provider when using resources outside of the CVM network.
4.6.
Use of Electronic Mail
Electronic mail
(e‑mail) is the primary form of communication between
individuals on the network. Users are encouraged to read their
e‑mail regularly. Electronic mail provides an easy mechanism for
exchanging information between users. Any file type can be sent via
e‑mail including executable programs, but large files (>1MB)
should be sent via FTP. E-mailed files will be automatically
compressed, encoded, mailed, received, decoded and uncompressed by the
mail program (GroupWise). The attachments can be save to a file by
using tools associated within GroupWise.
4.7.
Usenet News
KSU CNS provides
Usenet news service. Users can read articles in the College of
Veterinary Medicine by using a
web browser (Netscape), or a news browser client (WinVN).
The Usenet rules and much useful information can be found in
the news.announce.newusers newsgroup.
5. Abuse of
Network Resources
This section
serves to provide specific examples of the types of abuses that are
covered by Federal, State and local laws, as well as university
policy. This list is by no means complete and is subject to change
without notice as new ways of abusing resources are discovered and new
legislation is passed. Penalties for abuse of network resources
include, but are not limited to, temporary restriction of network
privileges, permanent restriction of network privileges, and criminal
prosecution.
5.1.
Theft and Vandalism
Theft and
vandalism of network resources will be handled by the appropriate
authorities (Kansas State University Police and/or Riley County
Police). The College of Veterinary Medicine will pursue and support
criminal prosecution of individuals suspected of theft and/or
vandalism.
5.2.
Unauthorized Use of Network Services
Anyone, for whom
an active account does not exist, found using any College of
Veterinary Medicine network services, will be referred to the
appropriate authorities. For CVM staff, students, and faculty, the
individual's department head and dean will be notified. Incidence
involving individuals not directly associated with the college will be
handled by the KSU Police Department. If direct expenses are incurred
by the College of Veterinary Medicine during unauthorized used (i.e.,
paper, printer supplies, etc.), the College of Veterinary Medicine
reserves the right to pursue full reimbursement of those costs from
the individual. Use of restricted network services without
authorization is considered an abuse of privilege and may result in
restriction or denial of network access. Current restricted‑use
network resources include printers reserved for use by an individual,
department or research group, and servers, which have restricted login
access.
5.2.1. Breaking
into accounts
Any attempt to gain access or to use an account other than by the
owner will be considered a violation of network policy. Such attempts
include, but are not limited to, gaining access to a user's account
while the user is away from a terminal or a workstation, or efforts to
determine another user's password by closely watching a login. If you
find another user logged on but not near a machine, you should try and
locate the user, and, if not found, log the user out immediately.
5.2.2.
Cracking passwords
Any
attempt to crack or otherwise obtain passwords is prohibited. Storing
or transferring encrypted or unencrypted password information is
prohibited. Writing, transferring, compiling or running programs
designed to guess passwords or otherwise gain unauthorized access to
user or system accounts or passwords is prohibited. This includes
programs or techniques designed to trick users into divulging their
password.
5.2.3. Access to
information
Unauthorized access to information contained in a user's home
directory is prohibited, even if the files are readable and/or
writeable. When in doubt, don't read, copy, or change other users' files.
5.2.4. Modifying
files
Modifying files anywhere on the system without consent of the file's
owner is prohibited. This includes writing or modifying files that
have file permissions set to allow modification or writing. This also
includes creating new files, renaming, or deleting existing files in
directories that may have directory permissions set to allow creation
or modification of files. When in doubt, don't
write.
5.2.5. Receipt and
distribution of copyrighted material
Use of network services for the receipt, distribution, or use of and
copyrighted software or material without the express consent of the
copyright owner is prohibited.
5.3. Personal and Pecuniary Use
of Resources
The use
of CVM computing and network resources for personal or pecuniary
purposes is prohibited.
5.4.
Licensing and Copyright Infringement
Most software
packages and applications are licensed and/or copyrighted. Most
licenses and copyright agreements specifically prohibit copying or
unauthorized use of the software or data. When in doubt, don't
copy.
5.5.
File Storage
Many gigabytes of
disk storage are available to users on the CVM network. However much
total disk space is available, it will eventually all be used. User
accounts are set up such that each user has a home directory for
storing files. The home directories are located on the VETMAIL
server. There is also disk space available for temporary storage of
larger multimedia files on the VETMEDIA
server. Since there
is a limited amount of disk space free, all users are encouraged to
control their disk usage by archiving and deleting old or unused
files. Users should also try to avoid duplicating files that are
available elsewhere on the network (such as files located in the
x:\dist directory). Disk quotas must be enforced on all home
directories.
5.6.
Electronic Mail and Communications
Electronic mail is
the primary communications tool used by network users. Due to the
design goals of the Internet, electronic mail security is not very
strong. Therefore e‑mail should not be used to transfer secure
or confidential information. The
College of Veterinary Medicine follows the electronic mail policies
outlined for Kansas State University (Appendix B) with the following
amendments:
·
The system administrator will need written approval from the Dean of the
College of Veterinary Medicine to access specific mail and data for
the purposes of retrieving business related information, investigating
reports of violation of University policy or local, state or federal
law, or complying with legal requests for information.
5.7. Violation of Remote Site
Policy
Users of remote
sites or remote site services are bound by the rules and policies of
the remote site. If you do not know the remote site's rules and
policies, adhere to those outlined in this document.
5.8. Other Forms of Abuse
5.8.1. Worms and viruses
Anyone knowingly attempting to proliferate, write, or ftp worms or
viruses of any size, shape, or form will be remanded for criminal
prosecution.
5.8.2.
FTP
Using FTP to transfer files to or from remote sites that violate the
policies of the remote site is prohibited. In particular, transferring
files which are extremely large, contain material offensive to either
site, contain information to be used for pecuniary interests of any
party, or contain monetary or sexual solicitations is prohibited.
6.
Network Administrators' Responsibilities
Network
Administrators are held to a higher standard than the average user
because they have the capability and responsibility to maintain system
integrity. In the Novell NetWare operating system, such users are
given super-user access that allows them to read, write, or execute
any file on the system. Thus, systems administrators must be entrusted
with the security and privacy of all data on the network.
6.1. Privacy Considerations
Network
Administrators have access
to users' private information. Systems administrators are required to
protect the confidentiality and integrity of this information.
6.2. Liability
Network
Administrators are not liable for any loss of data or loss of service
on the CVM network.
6.3. Investigation of Violations
Network
Administrators are charged with investigating violations of CVM
network policy. During such investigations, the Network
Administrator may have complete access to all data on the CVM network
as needed for the investigation.
7. Enforcement
7.1. Temporary Access Restriction
An individual account's access to the
College of Veterinary Medicine network may be temporarily restricted
due many reasons, including:
·
maintenance
or servicing of network resources
·
investigation
of College of Veterinary Medicine network policy violation
Temporary
access restrictions are intended to be short lived and usually require
the account's owner to contact the Network Administrator for
reactivation. Note that investigations of network policy violations
may require any number of potentially affected accounts to be
temporarily restricted. The owner of the account may not be the object
of the investigation if, for example, it may be suspected that a third
party has cracked the user’s password.
7.2. Permanent Access Restriction
The Dean
of Veterinary Medicine or the affected users’ department head must
approve permanent access restrictions. All accounts assigned to a user
may be restricted and future network privileges denied.
8. Reporting Problems
8.1. Physical Security
Physical security is the most important
part of system security. Obviously electronic security means nothing
if the whole machine is stolen. Users should be aware of what
networked machines are in their vicinity and keep an eye out for any
suspicious activity. Doors to laboratories should be closed and locked
if there are no more users in the lab.
8.1.1. Theft and
vandalism
Theft and vandalism should be reported to the Kansas State University
Campus Police as well as College of Veterinary Medicine Computing
Group.
8.2.
Electronic Security
Electronic
security is also the responsibility of all users. Users should
periodically examine their files for unusual activities. Contrary to
popular belief, Network Administrators are not omniscient nor
omnipresent, so suspicious activities are often reported first by wary
users.
8.2.1.
Notification of local system administrators
Violation of College of Veterinary Medicine network policy should be
brought to the attention of the Network Administrator as soon as
possible. Depending on the nature of the violation, electronic mail or
telephone call is the best method of alerting the Administrator.
8.3.
Recovery of Deleted Files
User home
directories are incrementally backed up onto tape every working day,
and complete backups are performed bi-monthly. To request restoration
of deleted files, Contact the CaTS Hotline with
the following information:
·
exactly
which file(s) need to be restored; include the directory in which the
files were located (i.e. my home directory, file test.data)
·
the
date and time the file(s) were created
·
the
date and time the file(s) were last modified
·
the
date and time the file(s) were deleted
If
located on tape, the files will be restored and placed in a directory
named RESTORED in the user's home directory. It is the responsibility
of the user to move these files to their appropriate place and delete
the RESTORED directory.
Note:
files that are restricted under the College of Veterinary Medicine
network policy will not be restored.
Any corrections, additions, or suggested changes to this document can be
e-mailed to the CaTS coordinator at cats@vet.k-state.edu.