Business School

All students and staff are required to read and acknowledge this policy before they are issued with access to our network and related computer systems.

Policy of computing use in the Business School

Introduction

The Business School at The University of Western Australia aims to provide the best possible computing resources and services to its members, within financial constraints. The school aims to provide reliable and flexible usage with as few restrictions as is necessary for issues governing access to software, hardware and other resources.
Access to computing facilities is a privilege granted to members of the Business School or those that are granted access for a specific reason by the Manager of Computing Services or the Dean.

This policy augments the computer and software use regulations as adopted by the senate. Please note Rule 15 (Breach of Regulations) of the senate regulations.

1. User responsibilities
2. System administrator responsibilities
3. Regulations
4. Computer use regulations
5. Use of laboratories
6. Software copyright/licence regulation
7. Network restrictions
8. Federal law governing computer security

User responsibilities

General

The Business School computing facilities, including hardware, software, networks, and computer accounts, shall be used responsibly and appropriately, respecting the rights of other computer users and respecting all computer licensing agreements.

Computers and computer accounts, may be used only for authorised purposes of teaching, research or education.

Security

You are responsible for all use of your account and for protecting your password. Your account is for your personal use only, under no circumstances are you to let anyone else use your account.

Unauthorised use of your account is to be reported to the Manager of Computing Services or a Systems Administrator.

You are responsible for making backup copies of your data, files, programs and disks. The School endeavours to take reasonable precaution to guard against corruption of data and software or damage to hardware or facilities. The School is not responsible for loss of information from computing misuse, malfunction of computer hardware or software.

Co-operate with Systems Administrators requesting information about computing activities. Under some circumstances a Systems Administrator is authorised to access all computer files.

If a Systems Administrator requests that you change your password, please do so, as this will be in the interest of security.

Electronic communications facilities (such as email and internet), programs, servers and disk areas are for University activities only. Fraudulent, harassing or offensive messages and/or materials are not to be sent, retrieved, stored or viewed.

Files owned by other individual users or staff members are to be considered private, whether or not they are accessible by other users. Having the ability to read a file that does not belong to you or privileges have not been extended to you does not give you permission to do so.

Resources

Many resources such as file/disk space, CPU cycles, printer queues, batch queues, login sessions and software licenses are shared. No user shall monopolise these shared resources.
Not all facilities are public resources. Students found using non-public resources shall be disciplined in accordance with University Statute 17 (Discipline).

Matters of courtesy

You should keep to a minimum the amount of space that you use on the disk servers.
Sessions in laboratories should be kept to less than one hour if there are people waiting.
Monopolising a computer just to display job status or run a lengthy simulation while others are waiting to use one is strongly discouraged.

Game playing

Game playing is not allowed on any facility without appropriate authorisation from the Manager of Computing Services or a Systems Administrator.

Back to top 

Systems administrator responsibilities

Definition of systems administrator

Staff employed by the Busienss School who are responsible for systems and network administration. The staff are responsible to the Manager of Computing Services who is in turn responsible to the Dean.

Responsibilities

A Systems Administrator shall be governed by the same regulations as apply to users. However a Systems Administrator has additional responsibilities to the users of the network and systems they administer.

A Systems Administrator shall ensure that all users of the Systems, networks and servers that they administer have access to the appropriate hardware and software required for computing.

A Systems Administrator is responsible for the security of the system, network or servers.
A Systems Administrator must make sure that all hardware and software licence agreements are faithfully executed on all systems, networks and servers for which they are responsible.

A Systems Administrator must take reasonable precaution to guard against corruption of data and software or damage to hardware or facilities.
A Systems Administrator must treat information about data stored on the Systems as confidential.

Security

In discharging their duty to protect the security and integrity of a network, system or server and to allow users access to the hardware and software they require, a Systems Administrator may need to examine user information, files, diskettes or tapes. Situations include when a Systems Administrator:
a) is an eyewitness to a computing abuse.
b) notices an unusual degradation of services or other aberrant behaviour on the system, network or server.
c) receives a complaint of abuse or degradation of service.
d) has evidence that points to a user¹s computing activity as the probable source of a problem or abuse under investigation.
e) has other evidence indicative of abuse of the facilities.

While investigating a suspected abuse of computing; a suspected hardware failure; or a suspected bug in an application program, compiler, network, operating system, or system utility, a Systems Administrator should ordinarily ask a user¹s permission before inspecting the users files or disks. However, in cases that the Systems Administrator judges to be serious or in cases in which the user is not available in a timely fashion, the Systems Administrator may inspect the information in question. Permission to do this shall only be granted by Manager of Computing Services, or anyone so authorised by Manager of Computing Services or the Dean.

System Administrators install and periodically run non interactive Systems software to examine properties about user usage of the Systems which may indicate misuse, abuse, excessive use and user security holes. Systems Administrators can hold, cancel or restart a job or program to improve system performance.

Email - the right to read

Systems Administrators will not read the contents of email unless there is reasonable evidence that a regulation has been broken and there is likely to be evidence in the mail.

At other times the Systems Administrator may examine messages to determine the reason for mail having bounced (returned due to a bad address) but will make a reasonable effort not to examine the contents.

Systems monitoring

Systems Administrators reserve the right to monitor what users are doing on the Systems at different levels.

For day to day tasks, an examination of what jobs users are performing and how much load they are creating may occur. Generally these events are automatically logged.

Where there is evidence that there is a violation of some regulation, the Systems Administrator may monitor at the lowest level of watching keystrokes being typed and the results of these keystrokes.

Back to top

Regulations

General

This document describes the Business School¹ Regulations governing use of all computing facilities and software provided by the School. They have been designed to ensure the security of copyrighted software, to prevent misuse of facilities provided and to encourage the use of these facilities in a legal, ethical and responsible fashion. All people requiring the use of computing facilities must acknowledge acceptance of the terms and conditions described in this document.

Disclaimer

The School accepts no responsibility for the loss or damage arising directly or indirectly from the use of its computer facilities, and makes no warranty, express or implied, regarding the facilities or their suitability for any particular purpose.

The School reserves the right to, without notice, modify, upgrade, withdraw or otherwise alter facilities provided.

The School reserves the right to examine all computer data and software on its facilities, and to monitor usage, in order to ensure conformance with these Regulations and to ensure that the facilities function in a secure, efficient and effective manner.

These regulations are supplementary to any regulations imposed by The University of Western Australia.

Users

These regulations apply to all staff and students within the Business School, as well as to all external users having any form of legitimate access to facilities provided by the School.

Before being allowed to use any facilities provided by the School, users will be required to indicate acceptance of the terms and conditions described in this document, to the effect that they have read, understood and will abide by these regulations.
Any facilities provided for users are for the express purpose of work of departments within the School and may not be used for any other purpose.

Persons may not install any software on, or copy any software to or from, any facility without the appropriate authorisation.
Any person in breach of section 9 (Computer Use Regulations) of these regulations will be considered to be in misconduct and will be disciplined accordingly.

It should be noted that users are often identified by their usernames. Users who reveal their accounts/password to others may find themselves disciplined under the terms of this Policy.

Breaches

If a user subsequently fails to abide by these regulations the user will be considered in breach of discipline and subject to the disciplinary measures available under University Statute 17 (Discipline). The user may also be subject to civil and/or criminal legal action, if considered by the Business School as the person liable.

The Dean, Manager of Computing Services, or anyone so authorised by the Dean, may suspend a users privilege for using any facility of the School if, in any of their opinions, the user has failed to abide by these regulations.

Computing facilities

Facilities covered by these regulations include every kind of computer, software, network, internet traffic and related facilities located in the Business School or under control of the School. It includes all peripherals, media and software associated with that equipment. It includes all facilities owned or leased , or provided/used in the under agreement by a third party.

The Business School

The Business School is made up of the following program areas: Accounting & Finance, Economics, Information Management & Marketing, Organisational and Labour Studies.

Authorisation

Authorisation, as required by these regulations, can only be granted by the Dean, Manager of Computing Services or by staff so authorised by the Dean or the Manager of Computing Services.

Back to top

Computer use regulations

Access to facilities

You may use only those facilities which you have been properly authorised to use.
Where your use of the Business School facilities is governed by a password, then the password must not be divulged to any other person.
Any computer account allocated to you is for your exclusive use. You must not allow another person to use it.

You must not attempt to find out the password of another user, or to gain access to another¹s account. You must take every reasonable precaution to ensure that your password, accounts, software and data are adequately secured.

Use of facilities

Facilities may only be used for the purposes for which they have been provided. They may not be used for other projects, (e.g. hobby computing, personal or consulting work) except by prior agreement with the Faculties.

Facilities must not be wasted or consumed in inappropriate or irresponsible computing.
You must not attempt to install any software on any School facility without appropriate authorisation from the Manager of Computing Services or a Systems Administrator.

You must not attempt to tamper with any facility in any way, physically or via software means.
You must not attempt to harass others. This includes using computing facilities to send, retrieve or store obscene, abusive, fraudulent, threatening or unnecessarily repetitive messages.
You must not maintain and use an account when you have withdrawn from all work within the School for which that account was allocated.
You must not smoke, eat or drink around or in computer facilities provided by the School.

Back to top

Use of laboratories

All other regulations also apply.
Laboratory users should store their data files on their own network space (also known as drive H, zip disks or USB drives. You may temporarily store your files on the hard disk; however, files stored on the hard disk will be subject to automatic purging and will not be backed up.

The computer laboratories are not available for general use during the periods when rooms have been reserved for teaching. Staff may reserve laboratories for teaching on a first come first served basis.

No external software is to be used in the computer laboratories without authorisation from the Manager of Computing Services.

No copyrighted materials, such as e-Books or MP3's (and other music formats) are to be stored on or accessed on computers in the laboratories.

Users who have been supplied with access to the computer laboratories shall not provide access to the laboratories, or the buildings in which they reside, for anyone else.

You must not use more than one computer at any one time unless authorised by a Computer Laboratory staff member.

Any user who leaves their computer idle for periods greater than fifteen minutes may find their application aborted and the computer freed for others to use.

Printing

Only printed matter for courses within the Business School shall be printed. Users will be issued with a print quota based on the number of enrolled units. Once this is exceeded, further quota can be purchased at the rate displayed on laboratory notice boards.

Any work outside the School or not considered to be School course work, by a Computer Laboratory staff member, printed on any printer shall be paid for at the rate displayed on laboratory notice boards or the BITS web site.

Security

Regardless of the prevailing security, or lack of it, you shall not access any data or software except that which belongs to you or has been authorised for your use. You must not attempt to examine, disclose, copy, rename, delete or modify the data of another user without their express permission.

You must not attempt to recover deleted data, or discarded printouts, that do not belong to you.
You must not attempt to subvert any restrictions imposed on your use of any facility. You must report to the appropriate authority, without delay, any breaches in security.

Back to top

Software copyright/licence regulation

Under Australian Law all software is copyright by the author whether it explicitly contains a copyright notice or not. You must be aware of, and abide by, the relevant provisions of the Copyright Act as they apply to computer software, including the following.

• Software must not be copied except with the express permission of the copyright holder. -Software must not be adapted (including translation from one language to another) without the express permission of the copyright holder.
• The School computer facilities must not be used to make illegal copies of any piece of software. Illegally obtained software must not be used on the School computer facilities.
• You must comply with the provisions of any licence under which software is made available. -You must not make use of any software of whose origin you are unsure. You must not assume that any software is public domain unless it is clearly so labelled.

Network restrictions

Connection to our computer network shall only be carried out by the Network/Systems Administrator and Network Systems Officer.

Users who access their accounts from foreign systems are asked notify a Systems Administrator of their intention to do so before they do it. Otherwise it may be viewed as an unauthorised incursion into the system.

Internet and Dialup facilities are provided for course work related activities only. Users who wish to have Internet access from home for personal use must obtain an account with an Internet Service Provider. Users found generating traffic of excessive volume or non course related content shall have their access revoked, and may be subject to fees and other disciplinary measures.

Any internet browsing not considered to be School course work, by a Computer Laboratory staff member, shall be paid for at the rate displayed on laboratory notice boards or the BITS web site.

Back to top

Federal Law governing Computer Security

CRIMES ACT 1914
SECTION 76A

(1)In this Part, unless the contrary intention appears:

"carrier" means:
(a) a general carrier within the meaning of the Telecommunications Act 1991; or
(b) a mobile carrier within the meaning of that Act; or
(c) a person who supplies eligible services within the meaning of that Act under a class licence issued under section 209 of that Act;
"Commonwealth" includes a public authority under the Commonwealth;
" Commonwealth computer" means a computer, a computer system or a part of a computer system, owned, leased or operated by the Commonwealth;
"data" includes information, a computer program or part of a computer program.

(2)In this Part:
(a) a reference to data stored in a computer includes a reference to data entered or copied into a computer; and
(b) a reference to data stored on behalf of the Commonwealth in the computer includes a reference to:

(i) data stored in the computer at the direction or request of the Commonwealth; and
(ii) data supplied by the Commonwealth that is stored in the computer under, or in the course of performing, a contract with the Commonwealth.

SECTION 76B

(1) A person who intentionally and without authority obtains access to:
(a) data stored in a Commonwealth computer; or
(b) data stored on behalf of the Commonwealth in a computer that is not a Commonwealth computer;
is guilty of an offence.
Penalty: Imprisonment for 6 months

(2)A person who:
(a) with intent to defraud any person and without authority obtains access to data stored in a Commonwealth computer, or to data stored on behalf of the Commonwealth in a computer that is not a Commonwealth computer; or
(b) intentionally and without authority obtains access to data stored in a Commonwealth computer, or to data stored on behalf of the Commonwealth in a computer that is not a Commonwealth computer, being data that the person knows or ought reasonably to know relates to:

(i) the security, defence or international relations of Australia;
(ii) the existence or identity of a confidential source of information relating to the enforcement of a criminal law of the Commonwealth or of a State or Territory;
(iii) the enforcement of a law of the Commonwealth or of a State or Territory;
(iv) the protection of public safety;
(v) the personal affairs of any person;
(vi) trade Secrets;
(vii) records of a financial institution; or
(viii) commercial Information the disclosure of which could cause advantage or disadvantage to any person.
is guilty of an offence
Penalty: Imprisonment for 2 years

(3)A person who:
(a) has intentionally and without authority obtained access to data stored in a Commonwealth computer, or to data stored on behalf of the Commonwealth in a computer that is not a Commonwealth computer;
(b) after examining part of that data, knows or ought reasonably to know that the part of the data which the person examined relates wholly or partly to any of the matters referred to in paragraph (2) (b); and
(c) continues to examine that data;
is guilty of an offence.
Penalty for a contravention of this subsection: Imprisonment for 2 years

SECTION 76C

A person who intentionally and without authority or lawful excuse:
(a) destroys, erases or alters data stored in, or inserts data into a Commonwealth computer;
(b) interferes with, or interrupts or obstructs the lawful use of, a Commonwealth computer;
(c) destroys, erases, alters or adds data stored on behalf of the Commonwealth in a computer that is not a Commonwealth computer; or
(d) impedes or prevents access to, or impairs the usefulness or effectiveness of, data stored in a Commonwealth computer or data stored on behalf of the Commonwealth in a computer that is not a Commonwealth computer;
is guilty of an offence.
Penalty: Imprisonment for 10 years

SECTION 76D

(1) A person who, by means of a facility operated or provided by the Commonwealth or by a carrier, intentionally and without authority obtains access to data stored in a computer, is guilty of an offence.
Penalty: Imprisonment for 6 months

(2)A person who:
(a) by means of a facility operated or provided by the Commonwealth or by a carrier, with intent to defraud any person and without authority obtains access to data stored in a computer; or
(b) by means of such a facility, intentionally and without authority obtains access to data stored in a computer, being data that the person knows or ought reasonably to know relates to:
(i) the security, defence or international relations of Australia;
(ii) the existence or identity of a confidential source of information relating to the enforcement of a criminal law of the Commonwealth or of a State or Territory;
(iii) the enforcement of a law of the Commonwealth or of a State or Territory;
(iv) the protection of public safety;
(v) the personal affairs of any person;
(vi) trade Secrets;
(vii) records of a financial institution; or
(viii) commercial Information the disclosure of which could cause advantage or disadvantage to any person.
is guilty of an offence
Penalty: Imprisonment for 2 years

(3)A person who:
(a) by means of a facility operated or provided by the Commonwealth or by a carrier, has intentionally and without authority obtained access to data stored in a computer;
(b) after examining part of that data, knows or ought reasonably to know that the part of the data which the person examined relates wholly or partly to any of the matters referred to in paragraph (2) (b); and
(c) continues to examine that data;
is guilty of an offence.
Penalty for a contravention of this subsection: Imprisonment for 2 years

SECTION 76E

A person who, by means of a facility operated or provided by the Commonwealth or by a carrier, intentionally and without authority or lawful excuse:
(a) destroys, erases or alters data stored in, or inserts data into a computer;
(b) interferes with, or interrupts or obstructs the lawful use of, a computer;
(c) impedes or prevents access to, or impairs the usefulness or effectiveness of, data stored in a computer;
is guilty of an offence.
Penalty: Imprisonment for 10 years

Back to top