Initial version 2014-06-23
JASMIN ICT systems and services are governed by the following three policies which users must familiarise themselves with before accessing the system:
The JASMIN platform managed by the Centre for Environmental Data Archival (CEDA) and the STFC e-Science Centre provides virtual machines (VMs) for scientific usage. Some users will be granted the role of VM Administrator, which will give them “root” or “sudo” access to specific servers on JASMIN. The condition of use presented here must be agreed to in order for VM Administrator access to be granted.
The following roles have been defined for users of the JASMIN system:
A VM Administrator may be employed by an organisation external to CEDA. All VM Administrators must agree to abide by the following conditions in order to gain access to “root” or “sudo” privileges on a JASMIN VM.
Failure to comply will result in the suspension of the VM and may result in complete removal of access to the JASMIN platform. VM Administrators should note that all root commands are logged.
If you have any concerns about any activity that might breach the above conditions please contact CEDA.
JASMIN Users must be made aware of the principles of the Harmonised Research Council Policy, and any restrictions/guidance, before they have access to Research Council/establishment ICT systems and services.
If you have any questions on Information Security or the RCUK Acceptable Use Policy, please feel free to contact the Information Security Officer at email@example.com.
1.1 JASMIN relies on its computer and communications facilities to carry out its business. All these facilities can be put at risk through improper or ill-informed use, and result in consequences which may be damaging to individuals and their research, the Research Council community and to reputations.
1.2 The policy aims to provide clear guidance to all users concerning the use of Research Council computer and communications facilities. It provides a framework to
1.3 The policy covers use of all ICT systems and facilities provided either directly or indirectly by the JASMIN.
1.5 Any activity that falls outside acceptable use may result in service suspension. Any suspected illegal action will be reported to the police
2.1 Monitoring Statement
2.1.1 The Research Council reserves the right to monitor communications.
2.1.2 The Research Council employs monitoring techniques on its ICT systems and services, including e-mail and Internet access, to enable usage trends to be identified and to ensure that these facilities are not being misused.
2.1.3 Monitoring is limited, as far as practicable, to the recording and analysis of network traffic data. To this end, the Research Council keeps logs of: calls made on communications equipment such as telephones and fax machine; emails sent by e-mail address; internet sites visited by computer system address. In some cases, this means that the identity of the individuals involved in the communication is readily available. These logs are not routinely monitored on a continuous basis but spot-checks are carried out from time to time to help ensure compliance with this policy. Further authorised investigations may be necessary where there is reasonable suspicion of misuse of facilities
2.1.4 Since the Research Council owns and is liable for data held on its communications equipment and systems, it reserves the right, as part of any investigations, to inspect the contents of any e-mails or any other form of communications that are sent or received and of Internet sites accessed, for compliance with this policy. This will only be done where the volume of traffic or the amount of material being downloaded is excessive, or there are grounds to suspect that use is for "unacceptable‟ or "forbidden‟ activities.
2.1.6 Monitoring/investigations of individuals use of the Research Council‟s communications systems may also happen in the following circumstances:
2.1.7 Where monitoring is used, only Research Council staff trained in data protection compliance will investigate the recorded data. Confidentiality will be ensured for all investigations involving personal data, except to the extent that wider disclosure is required to follow up breaches, to comply with court orders or to facilitate criminal investigation. Logged data will not normally be retained for more than one year unless required by regulatory compliance.
2.1.8 In addition, members of the local IT Service Desk, Information Security representatives, Security Teams and Network Security Groups will conduct random audits on the security of the Research Council‟s ICT systems. These audits include examination of a small, randomly selected set of user devices and server systems. The audit checks that these systems have correctly licensed software, do not contain inappropriate material and have not been used to access or view inappropriate material that may violate this Policy.
2.1.9 Where monitoring reveals instances of suspected misuse of the ICT systems (e.g. where pornography or other inappropriate material is found, or where other unacceptable/forbidden use is found), these will be investigated.
2.2 Personal files, documents and e-mails JASMIN CEMS local policy amendment
To help safeguard their privacy JASMIN users should not store any materials of a personal or confidential nature on JASMIN systems.
3. Private/Personal use of JASMIN systems, services and facilities JASMIN local policy amendment
JASMIN systems, services and facilities are provided for research purpose only no personal or commercial activity is permitted.
4. Social Media
4.1 The use of social media on JASMIN is restricted to the support of research activities.
5. Related Policies and Procedures
5.1 Where an external network connection is provided as part of the Joint Academic Network (JANET), the JANET Acceptable Use Policy applies.
5.2 Users must familiarise themselves with the Research Council's data protection policies, relevant organisational, institute, local, site or project Information Security Policy, standards, best practice and guidance.