Trakya Unıversıty Computer, Network And Informatıon Resources Usage Guıdelınes

CHAPTER ONE

Purpose, Scope, Basis and Definitions

Aim

Article 1–( 1) The purpose of this directive is to determine the rules that will ensure the effective and efficient use of our information and communication resources by our users in the process of producing, storing, protecting and sharing the information that is a necessary condition for scientific development and that our university needs.

Scope

Article 2 – (1) The provisions of this directive cover our university’s administrative and academic staff and students, as well as stakeholders and visitors who are granted temporary and/or limited authorization to use our IT resources for any reason.

Rest

Article 3 – (1) This Directive has been prepared based on the provisions of the Second Part (Crimes Against Individuals)   Ninth Part (Crimes Against Private Life and the Secret Area of ​​Life) of the Turkish Penal Code No. 5237, the Third Part (Crimes Against Society) Tenth Part (Crimes in the Field of Information Technology) , the “Electronic Signature Law” No. 5070, the “Law on Regulation of Publications Made in the Internet Environment and Combating Crimes Committed by Means of Such Publications” No. 5651, the Electronic Signature Law No. 5070, the Regulation on the Principles and Procedures Regarding the Implementation of the Electronic Signature Law, Article 12 of the Higher Education Law No. 2547, the Public Financial Management and Control Law No. 5018, as well as the ULAKBİM Usage Policy.

Definitions

Article 4 – (1) In the directive,

a) BİDB: Trakya University Information Technology Department,

b ) Units: Trakya University units, c) Departments: Trakya University departments

c ) DHCP: The service used to assign IP addresses and additional parameters to computers on the network,

d ) DNS: Domain Name System,

e ) EBYS: Electronic Document Management System,

f ) IP : Internet Protocol Number,

g) Secondary Use : Use of idle capacity that falls outside the definition of primary use, does not limit the purposes specified in primary use and is not needed within the scope of primary use.

g) Download : Downloading from the internet or any application to personal computers.

transfer of knowledge,

h ) Off-Campus Users :  Private and legal persons who are determined through identity verification to be temporarily and/or limitedly available for use of Trakya University IT resources and who continue to be affiliated with Trakya University, academic and administrative staff, students or persons who have been granted the right to use the IT resources within Trakya University by accessing them through various methods from outside the university campuses,

i) Campus    Users :   Private or legal persons who access Trakya University IT resources from within the university campuses and use them with identity verification, who are still affiliated with Trakya University, permanent/temporary personnel who hold academic and administrative positions in units within the administrative structure of Trakya University, and all students who continue their education at Trakya University,

i ) KamuSM: Electronic certificate service provider established within the Scientific and Technological Research Council of Turkey,

j ) MAC: Protocol used to identify the network equipment of a device in a computer network.

k ) NES: Electronic files used electronically to prove a person's identity, such as an identity card, driver's license or other identity documents,

l) Rectorate: Trakya University Rectorate,

m ) Basic Usage : The use of Trakya University IT resources directly related to the university's education, training, research, development, social service and administrative/managerial activities,

n ) Trakya University Information Processing Center: The center where the systems that provide access to all local and internet networks, servers and similar services come together and are managed, operating under the Trakya University Information Processing Department.

o) Trakya University Information Resources: All kinds of computers/computer networks and electronic devices connected to this network, other hardware, software and services, whose property rights belong to Trakya University and are licensed/leased by Trakya University, located within Trakya University campuses or established and managed by Trakya University BİDB.

ö) Trakya  University Information Resources Users:   Private and legal persons who are determined by identity verification by defining the necessary authorization on these resources to use Trakya University information resources,

p ) ULAKNET: “National Academic Network” to which Trakya University local network is connected.

“Network”,

r ) University: Trakya University,

s) Local Network:   The internet network that connects the IT resources of the center and all units affiliated to Trakya University,

ş) Visitor :   Persons and organizations that do not have the right to use Trakya University IT resources as defined under the headings of campus users and off-campus users, and who only use resources or services such as Trakya University web pages open to general use, Trakya University electronic list service, ftp service by visiting them.

expresses.

CHAPTER TWO

Principles of Use of Computer, Network and Information Resources

Sharing the password

Article 5 - (1) Users' passwords are confidential and personal and should not be shared with anyone. Any transaction made with the username and passwords given to individuals is the responsibility of the user.

Purpose of using IT resources

Article 6 - (1) It is essential that information resources are used for the production, processing, storage, protection and communication of information that is of fundamental importance for the scientific research, academic activities and educational activities of the university, as well as service provision and administrative functions.

Comply with ULAKNET Policies

Article 7 - (1) All units and all users who provide information resources have the responsibility and obligation to comply with the usage policies of ULAKNET and other national/international networks on which the university computer network and local network infrastructure are located and to take the necessary measures.

Avoid wasting resources

Article 8 - (1) University IT resources cannot be wasted by those who use these resources. The university's information and communication systems and equipment are used for the conduct of institutional affairs and academic studies.

Protection of privacy

Article 9 - (1) Users of university IT resources must protect the confidentiality/privacy of user information through data transfer over the network, take security measures according to their risk levels to minimize threats to the resource, and perform backups according to their criticality levels.

Fair use and security

Article 10 – (1) Units that provide university IT resources ensure that the resources are used fairly and keep information that may have evidentiary value in cases concerning security in an order that will enable the identification of those using the resources.

Responsibility of units

Article 11 - (1) Units that provide university IT resources are deemed to have assumed responsibility for the use of these resources. In the event that resources are used inappropriately by a user affiliated with the unit or department, cooperation opportunities should be provided between the relevant unit or department management and the BİDB.

Authorization of use of resources

Article 12 - (1) University IT resources are used within the framework of rules and guidelines determined by the authorities authorized by the university administration, in a manner that does not exceed the purpose for which the authorization was granted and with appropriate authorization for each job to be done, and cannot be changed or eliminated without authorization.

Compliance with terms of use

Article 13 - (1) University IT resources are used in accordance with the rules of use of all kinds of resources such as software, hardware, network resources created using these resources and hosted/used on these resources, as well as the rules and conditions regarding permission, reference, copyright, license and network use.

Transfer of resources​

Article 14 - (1) University IT resources cannot be used for the purpose of transferring or renting the right to use ,  directly or indirectly, or for uses of a commercial nature or for generating income without permission from the Rectorate.

Monitoring data traffic

Article 15 - (1) Monitoring, storage, transfer and distribution of information/data and/or traffic on the local network and IT resources, system or network; providing line usage opportunity to others.

It cannot be used for the purpose of using excessive bandwidth in a way that will not allow it; trying to reach another computer, network or user's information/data without the other party's permission, whether successful or not, monitoring, investigating and destroying this information, trying to obtain or spread user's access codes; attacking a system, network resource or service within or outside the Local Network.

Data traffic responsibility

Article 16 - (1) All units are responsible for the entry and exit traffic created by their users. They quickly evaluate the information and warnings coming from BİDB on this issue and implement the necessary sanctions against the user who creates the undesirable and unwanted traffic as soon as possible.

Services that are prohibited from being used

Article 17 - (1) Users cannot use file sharing and similar software that are declared by BİDB to create unnecessary traffic and prevent the healthy operation of the local network in terms of scientific and academic activities. If the software in question is to be used for scientific purposes, a limited and temporary usage permit is requested from BİDB. Similarly; access to file sharing sites on the Internet that create traffic can be shaped by BİDB to manage network traffic.

Responsibility for network traffic

Article 18 -(1) When BİDB detects a problem that may threaten security or the operation of the system, it cooperates rapidly and healthily with the relevant department or unit management to identify the person or sub-unit. Therefore, department or unit managements should document issues such as user connections, IP / MAC addresses, which socket on the network access device reaches which computer, and keep this information up-to-date. Managements must assign a person responsible for the local network structure and provide BİDB with the necessary access information so that it can reach this person quickly when necessary.

Use of resources to third parties​​​​​

Article 19 - (1) University IT resources cannot be used in order to distribute internal university information resources such as announcements, news, documents to third parties/organizations without authorization and/or permission, to access information belonging to the University and third parties/organizations and other resources such as computers, computer networks, software and services without authorization and/or unauthorization, and to engage in activities that prevent other users from using resources, or to damage resources/threaten the security of resources. No password given to users for the use of university IT resources can be given to third parties, and third parties cannot be allowed to access university IT resources.

IP duplication process

Article 20 – (1) Without the knowledge of BİDB, no unit or user can perform IP duplication behind a single computer within its own organization and connect many machines to the internet through this computer and cannot assign IPs to computers other than the IP groups determined by BİDB.

DHCP, DNS services

Article 21 – (1) DNS, DHCP Service is provided centrally by BİDB.

Apart from this, DNS and DHCP services cannot be provided by the units.

Opening and using corporate emails

Article 22 – (1) The opening and usage features of Corporate E-mail are as follows:

a) Personnel working in academic/administrative positions in units within the administrative structure of Trakya University and all students continuing their education life at Trakya University can obtain a Trakya University institutional e-mail account with the extension @trakya.edu.tr by applying to BİDB with a written/online request form and institutional identity information or, if deemed necessary, it will be opened automatically by the Information Technologies Department. In case of a conflict between the same NameSurname@trakya.edu.tr e- mails, the conflict will be resolved by a method deemed appropriate by the Information Technologies Department. In the e-mail system, e-mails older than 90 days in the “Trash” folder in active accounts are automatically deleted.

b) Academic/Administrative staff can use the Identity Verification System in internet access transactions with the username and password in the corporate e-mail account with the extension @trakya.edu.tr , in the Electronic Document Management System (EBYS), Information Management System (BYS), Online Access to Library Databases and other applications used by the university and specified in the "User Login" - Single Point on the home page.

c) Personnel defined on the Electronic Document Management System (EBYS) in accordance with the Trakya University Correspondence and Document/Document Registration Procedures Directive and the Trakya University Signature Authorities Directive can log in to the system with the username and password information in the corporate e-mail account with the extension @trakya.edu.tr .

d) Personnel whose relationship with Trakya University has been terminated indefinitely (excluding retirees).

Institutional e-mail accounts and personal web pages with the @trakya.edu.tr extension will be closed.

d) The corporate e-mail accounts of the personnel who retired from Trakya University and whose relationship  with the institution is terminated, with the extension @trakya.edu.tr , are left open if they make a written request at the stage of termination of their relationship with the institution. The retired personnel who wish to continue using the e-mail account that was left open are required to sign a commitment document stating that this account will only be used for the purposes stated in the Trakya University Computer, Network and Information Resources Usage Directive and that all responsibility belongs to them.

e) Institutional e-mail accounts with the extension @trakya.edu.tr , which are left open upon the written request of the personnel who retired from Trakya University,       will be automatically closed if they have not been used in the last 3 years. Personnel web pages will be closed at the latest 30 days following the date of departure.

f) If the passwords of the corporate e-mail accounts with the extension @trakya.edu.tr are obtained by others and it is determined that SPAM is being sent from these accounts, the passwords of the accounts belonging to the users are changed immediately and the sending process is closed.

g) The institutional e-mail accounts with the extension @trakya.edu.tr and personal web pages of the personnel assigned to receive postgraduate education at another university in accordance with Article 35 of the Higher Education Law No. 2547 are kept active.

h) The institutional e-mail accounts of graduate students who graduated from Trakya University with the extension @trakya.edu.tr are left open if they make a written request at the graduation stage. Graduates who want to continue using the e-mail account that is left open can continue using the e-mail account.

Students are required to sign a commitment document stating that this account will only be used for the purposes written in the Trakya University Computer, Network and Information Technology Resources Usage Directive and that all responsibility belongs to them.

i) Institutional e-mail accounts with the extension @trakya.edu.tr, which are left open upon the written request of postgraduate students who graduated from Trakya University, will be automatically closed if they have not been used in the last 3 years.

i) Students who do not continue their education at Trakya University or whose registration has been cancelled.

Institutional e-mail accounts with the extension @trakya.edu.tr and all folders in them should be updated at the latest

are deleted at the beginning of the academic year.

j) Institutional e-mail accounts and passwords with the extension “@trakya.edu.tr ” should not be used for registration on websites other than communication related to institutional applications and work and academic studies.

k) As required by quality and security standards, it is essential that the passwords of computers, applications and e-mail accounts used within the institution are changed every 180 days and that the last 3 passwords of the user are not used in password update processes.

Unit pages

Article 23–( 1) Units and Departments are responsible for the operation, content and updating of their web pages. Documents that violate copyrights or are contrary to public morality should not be distributed or published on the web page in accordance with the Law on Intellectual and Artistic Works and other relevant legislation.

Disengagement procedures

Article 24 – (1) The personnel whose relationship with Trakya University is cut off indefinitely and the personnel who are assigned to receive postgraduate education at another university in accordance with Article 35 of the Higher Education Law No. 2547, are put into passive status in the system when they terminate their duties pending on their ID defined in EBYS during the “Disengagement Form” approval process and the Disengagement Form is approved.

(2) After the personnel whose place of duty has changed completes their pending duties in EBYS, their ID will be updated in accordance with the change in place of duty.

Unwanted emails

Article 25 - (1) University IT resources cannot be used to produce, host, transmit material that violates general moral principles, to engage in political propaganda, or to send random and unsolicited messages (SPAM messages). Users cannot use their e-mail accounts for commercial, political, religious, ethnic or profit purposes. They cannot send mass e-mails to a large number of users for advertising, promotion, announcement etc. purposes without permission. Permission must be obtained from the General Secretariat for mass announcements that are appropriate for scientific, academic and administrative work processes.

Equipment change​​

Article 26 - (1) Units or departments cannot make arbitrary changes, either at the software or hardware level, to the cabling system, network access devices and other equipment that BİDB has assigned the responsibility to install and maintain in its buildings.

If there is a problem, the technical officer of that unit, who was previously determined and notified to BİDB, will contact BİDB and the necessary change will be made after mutual information and approval by BİDB.

Change in technical managers

Article 27 – (1) When there is a change in the technical officers determined by the units and reported to BİDB, it is essential that the new information is officially reported to BİDB and that communication between the units and BİDB is carried out through these persons in order to ensure that the workflow is resolved in a short time.

Responsibility for non- personal pages

Article 28 – (1) Units, departments, clubs, communities and individuals are responsible for the content of the web pages they create on their own behalf. The responsibility for non-personal pages of units, departments, clubs, communities or groups belongs to the faculty member and/or administrator who requests the creation of the relevant website from BİDB in an official letter.

Possession of harmful material

Article 29 – (1) Users cannot keep documents that would constitute a legal crime or documents, software or materials that could destroy or damage computer and network security on portable and desktop computers and data storage devices belonging to the institution and/or person within the university.

Unexpected situations​​​​

Article 30 - (1) Situations where the usage and user definitions are insufficient or not defined within the “Trakya University Computer, Network and Information Technology Resources Usage Directive” document are evaluated by the University authorities.

Disclaimer of legal liability​​​

Article 31 –(1) "Legal Disclaimer" texts, Terms of Use

It does not indicate that uses contrary to its principles are acceptable.

CHAPTER THREE

Regarding the Use of Computer, Network and Information Resources

Rights, Authority, Responsibilities and Sanctions.

Article 32 Declaration of authority and responsibility

- (1) The authority and responsibility for the installation and operation of the Internet network in the university belongs to BİDB. BİDB is responsible for establishing, operating and renewing the infrastructure created to provide access to IT resources for departments and units in line with academic, administrative, educational and research purposes. BİDB has the responsibility and authority for technical planning and implementation of the establishment of network access points determined in all units.

( 2)   University IT resource users are responsible for all activities they perform on university servers using the "User Code/Password" pair and/or IP address allocated to them, the content of all kinds of resources such as documents, papers, software, etc. that they create using university IT resources and/or keep on the university IT resource allocated to them, the accurate and complete provision of information requested by the authorized bodies regarding the use of the resource, and their compliance with the rules of use of the relevant resource, university regulations, the laws of the Republic of Turkey and the regulations attached to them.

is responsible.

(3) The University Rectorate and/or authorized units determine general rules regarding the use of university IT resources, continuously evaluate these rules in line with the developing technology and changing/updated laws, and implement necessary changes. When such changes are made, users are informed through general announcement mechanisms.

Licensed software usage principles and procedures :​

Article 33 – ( 1) Copyright and License Policy and Usage Procedures of Licensed Software

a) Software used within the university is acquired within the framework of license agreements. The licensing responsibility and/or liability and responsibility arising from the lack of licenses for other software used by university personnel belong to them.

b ) Complying with the form and spirit of the laws regarding copyright and patents, and thus protecting and strengthening intellectual property rights, is one of the university's fundamental priorities. Users agree to use all kinds of university-owned IT resources within the framework of this priority.

c ) Unless otherwise stated, users know and accept that all software is protected within the framework of copyright legislation.

c ) Software in use within the university cannot be removed, and copies of licensed software cannot be made except for backup applications for protection purposes.

Authorities and responsibilities regarding use​​

Article 34 – ( 1) Authorities and Responsibilities Regarding Use:

a)        In line with the basic objectives of the university, BİDB provides IT resources to its users on behalf of the university and ensures the operability and continuity of these services.

b ) BİDB cannot be held responsible for the information that will be lost and/or incompletely received/transmitted during internet traffic, or for the complete accuracy, validity or up-to-dateness of the information published on the internet platform.

c )   University IT resource users are personally responsible for all activities they perform on university servers using the "User Code/Password" pair and/or IP address allocated to them, the content of all resources such as documents, papers, software, etc. that they create using university IT resources and/or keep on the university IT resource allocated to them, and for providing accurate and complete information requested by the competent authorities regarding the use of the resource.

c ) The Rectorate or authorized units may use university IT resources.

It determines the general rules about, continuously evaluates these rules in the manner foreseen by the developing technology and implements the necessary changes. When such changes are made, users are informed through general announcement mechanisms.

d ) Personnel's date of birth, identity information, mobile phone number and e-mail address are not shared with third parties, except on the personnel's personal CV page, without their own initiative.

e ) Qualified Electronic Certificate applications for academic/administrative personnel determined by Trakya University Rectorate are made to the Public Certification Center by the General Secretariat. The obligation to protect the electronic signature belongs to the person for 3 years.

f ) If the application automations developed by external companies used by Trakya University are hosted on the university's servers, these systems are replicated in the disaster recovery center and regular backups are taken at daily/weekly/monthly intervals. Application servers deemed critical by the IT department are protected by taking hourly backups instantly. From users or the system

In case of a failure caused by a disaster recovery center, the systems can be restored with the backups.

is made operational.

( 2)   Trakya University notifies its personnel about Antivirus and/or similar software to be offered to users. The personnel must install this software on the computer they use within the institution and keep it up to date. The user personnel are responsible for any problems that may occur on computers that do not have Antivirus software installed.

(3) BİDB may take restrictive, blocking and supportive measures on all computers in accordance with the law in order to protect the university's institutional data, local network security and computers connected to the local network.

Sanctions regarding the illegal use of university IT resources​​​​

Article 35 – (1) In case of use of university IT resources contrary to the principles of use, university authorities may warn the user verbally and/or in writing, if the relevant action is within the scope of a violation of scientific ethics, forward the issue to the “Trakya University Science Ethics Board”, close the university IT resources allocated to the user for a limited or unlimited period, and activate academic/administrative investigation mechanisms and judicial judiciary mechanisms within the university.

Procedures and principles regarding local network infrastructure investments

Article 36 (1 ) In the construction/repair of new buildings with existing local network infrastructure within the university, the approval of the BİDB must be obtained during the project design and purchase stages of the cabling processes such as cable type, cable channels, routes, network switches, wireless access devices, cabinets and similar products related to the local network infrastructure.

CHAPTER FOUR Final Provisions

Force

Article 37 -(1) This directive shall enter into force on the date it is approved by the University Senate. 

Executive

Article 38 -(1) The University Rector shall execute the provisions of this directive.