Policy 150101 Appropriate Use of AU Internet Account
POLICY STATEMENT
AU Internet Accounts shall be used solely for legitimate University-related purposes. Your account may not be used for commercial purposes, nor may it be used in any way that would cause excessive network traffic or interfere with the work of others.

Policy 150102 Using the Internet in an Acceptable Way
POLICY STATEMENT
“AU member may not use the organization’s systems to access or download material from the Internet which is inappropriate, offensive, illegal, or which jeopardizes security. All Internet Use must be for university related purpose.”

Policy 150103 Keeping Passwords Confidential
POLICY STATEMENT
Unauthorized attempts to gain privileged access or access to any account or system not belonging to you on any University system are not permitted. Computer and network accounts provide access to personal, confidential data. Therefore, individual accounts cannot be transferred to or used by another individual. Sharing accounts or passwords is not permitted.

Policy 150104 Account Sharing
POLICY STATEMENT
“All data and information not in the public domain, relating to the organization’s business and its users, must remain confidential at all times.”

Policy 150105 Lost Password
POLICY STATEMENT
Users must notify AuNet Center immediately if users lost password or if it is disclosed to anyone. It is your sole responsibility to protect your password and to immediately notify AuNet of any unauthorized use of your account.

Policy 150106 Change password
POLICY STATEMENT
Users may change their own password on the Service at any time.

Policy 150107 Internet Account Responsibility
POLICY STATEMENT
Acknowledge that anyone who correctly enters your username and password will gain access to your account and that you will be responsible and liable for the activities of that person while they are on-line, for any material to which that person is exposed, and any and all costs or charges associated with that person's use of the Service.

Policy 150108 Account Expiration
POLICY STATEMENT
Student accounts expire upon change of status from continuing to non-continuing student. Faculty/Staff accounts expire immediately upon termination of employment. The availability of services is explicitly defined in the University

Top

Section 02: E-mail and Internet Usage

Policy 150201 Email Disk Space
POLICY STATEMENT
The maximum single email size that can be received is 10MB. We may delete any email message sent to you, or by you, if the size of the message (including attachments) exceeds 10MB. If we delete email messages, we are not obliged to notify you or the sender.

Policy 150202 Mail Application
POLICY STATEMENT
To read and send mails, users may use any mail applications that support POP3, IMAP, and HTTP (Web mail)

Policy 150203 Mails Storage Backup
POLICY STATEMENT
Personal mails should be downloaded to users' machine whenever possible. Mails stored on AuNet storage system will be backed up regularly. AuNet Center will not be responsible for any loss of mails stored on AuNet system, which is due to unavoidable causes.

Policy 150204 Unknown Email Attachment Files
POLICY STATEMENT
Do not open attachments you receive from others, unless they call you and advise you of what they are sending immediately before they send it.

Policy 150205 Downloading Files and Information from the Internet
POLICY STATEMENT
”Great care must be taken when downloading information and files from the Internet to safeguard against both malicious code and also inappropriate material”

Policy 150206 Using and Receiving Digital Signatures
POLICY STATEMENT
“The transmission of sensitive and confidential data is to be authenticated by the use of digital signatures whenever possible.”

Policy 150207 Sending Electronic Mail (E-mail)
POLICY STATEMENT
“E-mail should only be used for university purposes, using terms which are consistent with other forms of business communication. The attachment of data files to an e-mail is only permitted after confirming the classification of the information being sent and then having scanned and verified the file for the possibility of a virus or other malicious code.”

Policy 150208 Receiving Electronic Mail (E-Mail)
POLICY STATEMENT
“Incoming e-mail must be treated with the utmost care due to its inherent Information Security risks. The opening of e-mail with file attachments is not permitted unless such attachments have already been scanned for possible viruses or other malicious code.”

Policy 150209 Retaining or Deleting Electronic Mail
POLICY STATEMENT
“Data retention periods for e-mail must be established to meet legal and business requirements and must be adhered to by all staff.”

Policy 150210 Setting up Intranet Access
POLICY STATEMENT
“Persons responsible for setting up Intranet access must ensure that any access restrictions pertaining to the data in source systems are also applied to access from the organization’s Intranet.”

Policy 150211 Setting up Extranet Access
POLICY STATEMENT
“Persons responsible for setting up extranet access must ensure that any access restrictions pertaining to the data in source systems are also applied to access from the organization’s Extranet.”

Policy 150212 Setting up Internet Access
POLICY STATEMENT
“Persons responsible for setting up Internet access are to ensure that the organization’s network is safeguarded from malicious external intrusion by deploying, as a minimum, a configured firewall. Human Resources management must ensure that all personnel with Internet access (including e-mail) are aware of, and will comply with, an acceptable code of conduct in their usage of the Internet in addition to compliance with the organization’s Information Security Policies.”

Policy 150213 Developing a Web Site
POLICY STATEMENT
“Due to the significant risk of malicious intrusion from unauthorized external persons, Web sites may only be developed and maintained by properly qualified and authorized personnel.”

Policy 150214 Receiving Misdirected Information by E-mail
POLICY STATEMENT
“Unsolicited e-mail is to be treated with caution and not responded to.”

Policy 150215 Forwarding E-mail
POLICY STATEMENT
“Ensure that information you are forwarding by e-mail (especially attachments) is correctly addressed and only being sent to appropriate persons.”

Policy 150216 Using Internet for Work Purpose
POLICY STATEMENT
“Management is responsible for controlling user access to the Internet, as well as for ensuring that users are aware of the threats, and trained in the safeguards, to reduce the risk of Information Security incidents.”

Policy 150217 Refuse email
POLICY STATEMENT
The University reserves the right to refuse mail and other connections from outside hosts that send unsolicited, mass or commercial messages, or messages that appear to contain viruses to University or other users, and to filter, refuse or discard such messages.

Policy 150218 Certainty of File Origin
POLICY STATEMENT
”Computer files received from unknown senders are to be deleted without being opened.”

Top

Section 03: Web Hosting Usage

Policy 150301 How to get web hosting
POLICY STATEMENT
Each AU member could have one's personal homepage published on AU Web Hosting servers. Interested persons could apply personally at AuNet Center.

Policy 150302 Web hosting disk space
POLICY STATEMENT
Disk space (10 MB) will be sufficiently allocated for each user. More disk space will be allocated for faculty members using the facility for learning and teaching.

Policy 150303 Data backup not included
POLICY STATEMENT
Backups of data are done daily. Users are encouraged to create their own backups on their own computer. AuNet Center will not be responsible for any data loss that is due to unavoidable causes. AuNet Center will only restore data based on what it has in its tape backups.

Policy 150304 Purpose of web hosting
POLICY STATEMENT
Commercial use of web space on www.webhosting.au.edu is prohibited by AuNet Center policy and State law

Policy 150305 Personal home pages
POLICY STATEMENT
Students and staff operating personal home pages using University accounts have a special responsibility to ensure they comply with this Code of Practice. Staff and students must link their personal home pages to a department, faculty or some other official University home page. The administrators of official University home pages have a responsibility to ensure personal home pages linked to the home pages they administer do not lower the image of the University as an institution dedicated to the achievement of excellence.

Top

Section 04: Modem Usage

Policy 150401 Accessing your Network Remotely
POLICY STATEMENT
”Remote access to the organization’s network and resources will be permitted provided that authorized users are authenticated, data are encrypted across the network, and privileges are restricted.”

Policy 150402 Number of Modem
POLICY STATEMENT
A number of modems (56K and ISDN) have been deployed for university members to connect to the Internet at home. AuNet Center considers reducing the ratio of modem port per users to 1 per 15.

Policy 150403 Modem Time per session
POLICY STATEMENT
AU users could use the modem services for 3 hours per session, but not more than 45 hours a month.

Policy 150404 Idle time of Dial-up connection
POLICY STATEMENT
Dial-up connections to this Internet Access Service that are idle for 15 minutes or longer will be disconnected. Idle time is defined as a period during which no input or output is sent or received across the modem connection.

Top

Section 05: Remote File Storage (iFolder)

Policy 150501 File Storage Disk Space
POLICY STATEMENT
Each user will have a disk space of 10 MB for personal file storage.

Policy 150502 Backup of File Storage
POLICY STATEMENT
Data stored on AuNet storage system will be backed up regularly. AuNet Center will not be responsible for any loss of data or mails. Users are encouraged to create their own backups on their own computers. Personal mails should be downloaded to users' machine whenever possible.

Policy 150503 Giving Access to Files and Documents
POLICY STATEMENT
”Access to information and documents is to be carefully controlled, ensuring that only authorized personnel may have access to sensitive information.”

Top

Section 06: Streaming media use

Policy 150601 Streaming Media Download
POLICY STATEMENT
Users should schedule communications-intensive operations such as large file transfers, video downloads, mass emailings and the like, for off-peak times.

Top

Section 07: Information Downloads & Use of Multi-session Download Software

Policy 150701 Multi-session Download
POLICY STATEMENT
No multi-session download software may be used. Automatic blocks will be installed, and staff will perform “close monitoring of download activity”

Policy 150702 Game Online
POLICY STATEMENT
Game online is strongly discouraged. Appropriate actions will be taken to maintain quality Internet access.

Policy 150703 Material Download
POLICY STATEMENT
Do not deliberately visit, view, or download any material from any Web site containing sexual or illegal material or material which is offensive in any way whatsoever.

Policy 150704 Downloading Files and Information from the Internet
POLICY STATEMENT
“Great care must be taken when downloading information and files from the Internet to safeguard against both malicious code and also inappropriate material.”

Policy 150705 MP3 Download
POLICY STATEMENT
Do not use the university internet access to download MP3. Automatic blocks may be installed, and staff will perform “close monitoring of download activity”

Policy 150706 Internet Block
POLICY STATEMENT
The University has the right to block multi session download, Game Online, Peer to Peer Program (File Sharing), sex website.

Policy 150707 Gambling
POLICY STATEMENT
Gambling and possession of pornographic materials are illegal according to Thai laws. Possessors will be responsible for any of such action.

Top

Section 08: Instant message

Policy 150801 Transfer file via Instant message
POLICY STATEMENT
Do not sent or receive anonymous file via instant message program. Automatic blocks may be installed, and staff will perform “close monitoring of download activity

Policy 150802 Schedule communications
POLICY STATEMENT
Users should schedule communications-intensive operations such as Webcam Services, Audio conversation, large file transfers and the like, for off-peak times.

Top

Section 09: Virus Prevention

Policy 150901 Installing Virus Scanning Software
POLICY STATEMENT
On all PCs and Notebooks, an appropriate virus protection system must be installed. PCs or Notebooks affected by virus or generating virus attacks will be locked against network access until a complete clean up is effected.

Policy 150902 Handling Hoax Virus Warnings
POLICY STATEMENT
“Procedures to deal with hoax virus warnings are to be implemented and maintained.”

Policy 150903 Defending Against Virus Attacks
POLICY STATEMENT
“Without exception, Anti Virus software is to be deployed across all PCs with regular virus definition updates and scanning across servers, PCs and laptop Computers.”

Policy 150904 Responding to Virus Incidents
POLICY STATEMENT
“The threat posed by the infiltration of a virus is high, as the organization’s systems and data files. Formal procedures for responding to a virus incident are to be developed, tested and implemented. Virus Incident Response must be regularly reviewed and tested.”

Policy 150905 Windows Update (cover for Patch and Service Pack)
POLICY STATEMENT
User must update they windows

Policy 150906 Update Anti Virus Pattern File
POLICY STATEMENT
The university automatic updates Anti Virus Pattern File for inside the university 2 times a day (when turns on the computer and 12.00 noon). If users have anti virus software from the university (www.security.au.edu) on they notebook the system will automatically be updated.

Top

Section 10: Security and privacy concerns

Policy 151001 Intentional attack
POLICY STATEMENT
Any intentional attempt to attack, hack, or in any way cause damage to AU internetworking and service systems will be subjected to disciplinary actions.

Policy 151002 Internet Firewall
POLICY STATEMENT
AuNet Center has installed an Internet firewall to assure the safety and security of the Assumption University’s networks. Any users who attempts to disable, defeat or circumvent any Assumption University security facility will be subject to immediate dismissal.

Policy 151003 Data Transfer
POLICY STATEMENT
Files containing sensitive Assumption University data, as defined by existing corporate data security policy, that are transferred in any way across the Internet must be encrypted.

Policy 151004 Defending Against Premeditated Cyber Crime Attacks
POLICY STATEMENT
“Security on the network is to be maintained at the highest level. Those responsible for the network and external communications are to receive proper training in risk assessment and how to build secure systems which minimize the threats from cyber crime.”

Policy 151005 Safeguarding Against Malicious Denial of Service Attack
POLICY STATEMENT
“Contingency plans for a denial of service attack are to be maintained and periodically tested to ensure adequacy.”

Policy 151006 Defending Against Hackers, Stealth and Techno-Vandalism
POLICY STATEMENT
“Risks to the organization’s systems and information are to be minimized by fostering staff awareness, encouraging staff vigilance, and deploying appropriate protective systems and devices.”

Top

Policy 151101 Call Center Services
POLICY STATEMENT
AuNet Center provides telephone support for all networking problems.

Policy 151102 Technical Advisory Services
POLICY STATEMENT
If you have any difficulties with your connection it is your responsibility to inform AuNet Call Center on 02 300 4543-62 ext 3333. We will not be held responsible for any expense incurred through problems associated.

Policy 151103 Customer Account Services
POLICY STATEMENT
Provide internet account for AU member and solving for any connection network

Policy 151104 Service Request
POLICY STATEMENT
Receive all request from users by call center and cooperate with technical support to serve users.

Top

Section 12: Wireless Ethernet Connection

Policy 151201 Wireless Access Point
POLICY STATEMENT
Wireless Ethernet connections are being installed in several areas around campus
(At Bang Na Campus, on Floor 1 and 7 on SCIT Center and
At Hua Mak Campus, at Ground floor of P Bldg – Central Library – E Building – 9th Floor of Q Bldg)

Top

Section 13: Unacceptable Use

Policy 151301 Prohibited Activities
POLICY STATEMENT

(a) Use the Internet Services to send out unsolicited e-mail, whether of a commercial nature or not, which degrades the performance of the network;

(b) Send e-mail messages to another individual or another system who has explicitly asked you to stop;

(c) Distribute chain letters, pyramid schemes, “Ponzi” schemes, or multi-level marketing scams;

(d) Use the Internet Services to breach the security of another user, or to attempt to gain access to another person’s computer, software or data, without the knowledge and consent of that person or to attempt to circumvent the user authentication or security of any host, network or account, including accessing data not intended for your access, unauthorized logging into or making use of a server or account or probing the security of other networks;

(e) Use the Internet Services to interfere with (or encourage others to interfere with) computer networking or telecommunication services to any user, host or network, including denial of service attacks, flooding of a network, overloading a service, or attempting to crash a host;

(f) Distribute (or encourage others to distribute) spamware, mass e-mailing programs or technologies designed to overburden Internet operations;

(g) Use or distribute tools designed for compromising security, such as packet sniffers, ping bombers, cracking tools, password guessing programs or network probing tools;

(h) Transmit or disseminate any information or software which contains a virus, cancelbot, Trojan horse, worm or other harmful or disruptive component; or

(i) Breach current bandwidth or data storage restrictions to the point where such breach degrades network performance

(j) Otherwise overburden our network or affect our ability to provide services to other

Top