General Policy on the Use of Information Systems - Updated 21.11.2022

This document describes the General policy on the use of information systems in Metropolia. These rules apply to everyone who uses Metropolia's information systems. The rules also apply to workstations in general use at the University and to all devices connected to the Universities network.

A summary of the general policy can be found below, which contains the most important points.

Purpose of this Policy

University of Applied Sciences must ensure the confidentiality, integrity and usability of the data of all its different user groups, and provide a reliable and secure environment for data processing. These and other policies are written to help the different user groups to know the rights, responsibilities and obligations that are tied to the user rights. Even unintentional negligence of responsibilities linked to the user rights can endanger the integrity, confidentiality and usability of data belonging to other users.

All computer users within the University shall follow, in addition to these policies, the other rules and advice for information systems given by the University, good manners and Finnish legislation. Usage against this policy or other policies or rules concerning information system usage will be dealt with according to the policy of consequences for IT offences.

Principles of Usage

The major principles governing all use and interpretation of usage policies are:

• All entitled to use have a possibility to reasonable and relevant use.
• Other users or organizations and information systems within the network may not be harmed or damaged.
• Right to privacy shall be respected.
• The user account provided by the University is personal.
• The user is liable for all use of his or her account.

The University information systems are meant as tools for tasks related to studying, research, teaching and administration within Metropolia University of Applied Sciences. Other use requires separate agreements.

All users shall participate in taking care of general information security matters. Even if a single user has nothing special to secure, other users may have. All users share a personal responsibility for the overall security of the information system. Observed or suspected insufficient information security and misuse shall be reported to the helpdesk.

Users are responsible for the protection of their own files, and ultimately of making back-ups. The University makes back-ups of centrally stored files, but will not be liable for damages caused by possible eradication of files.

It is forbidden to connect computers or other equipment to University's physical network without permission from network administrator. When connecting equipment given guidelines must be followed. Personal computers should be connected to wireless LAN.

User Rights and User Accounts

User rights may not be transferred. If there is a reason to suspect that a password or other identifier has come into another person's possession, the password shall be changed or the use of the identifier shall be prevented immediately. The Password shall be changed at regular intervals and it must be difficult to guess or break.

Tietojärjestelmien yleiset käyttösäännöt