Campus Server Management Measure of National University of Kaohsiung
Passed at school administrative 101st session on 16 October, 2009
Article 1 (Purpose)
According to "The Ministry of Education Campus Network Use Regulations" and "Campus Network Use Regulations" of our school,, establishment of server use policy in our school must comply with relevant laws and regulations such as intellectual property rights and the computer processing of personal data protection. As a result, the "Campus Server Management Measure" is formulated specially (hereinafter referred to as the Measures).
Article 2 (Applicable)
This measure is intended for open server of all administrative and teaching units, such as WWW, Mail, DNS, Proxy, BBS, FTP and so on.
Article 3 (Dedicated management)
The server installed by each unit must assign someone responsible for the management and maintenance of information and provide security related jobs. Each unit should bear the responsibility to supervise the network services provided, this includes server related information construction and inform the Library and Information Center. Individual users should first submit application to the relevant teaching or administrative unit before setting up server. One should not set up server privately to avoid incidents about inappropriate information security.
Article 4 (Work security)
Server administrators need to check the content of server regularly and record and track situations. Server administrators need to carry out regular system reinforcement such as related security, loopholes, weaknesses of the system (including the operating system and software) in order to avoid information security issues such as hacking.. Retreat (from) personnel access to the server by server administrators to cancel rights.
Article 5 (Content serves academic purposes)
Taiwan academic network is provided for academic use of school and research units, network in the campus network cannot provide commercial internet services, or free internet service that has commercial nature (including Mail server, web server, BBS and other types of servers, etc.), and should not have obscene and offensive information. For various services provided by the server, such as web browsing or download of software, it is recommended to declare at the homepage to notify the users for the more controversial content.
Article 6 (Intellectual property) (including software, services)
The software used by campus server must be legally purchased or be a free software to avoid infringement of copyright. Each unit should note the legitimacy of the shared folders of thefile transfer server (FTP) it provides. If it is shared software provided by the manufacturer or the copyright owner legally, the name of the manufacturer or the copyright owner should be provided with other authorization related information. The legitimacy of the content or service provided by server must be taken note of,, server administrators should inform users of regulation related to copyrights avoid infringement of intellectual property rights. Server administrators should immediately remove or disable the access of others to the violated material and inform the user that violated the right once they received notice by copyright holder about violations of rights involving the users. The reply procedure and timing for to the removed items or disabling other from accessing the content or related information should be handled in accordance with the relevant provisions of the copyright law.
Article 7 (Computer processing of personal data)
For servers that contain personal data files, server administrators should implement security maintenance in accordance with relevant laws to prevent personal information from being stolen, tampered with, damaged, lost or disclosure. Before server is sent for repair, the server administrator should remove personal data stored in the media, for those that cannot be removed, the vendors should be asked to sign confidentiality agreement. Before server is scrapped before server, server administrators should remove all personal data within the server storage medium completely, and perform formatting or physical destruction to avoid information leakage.
Article 8 (Information security incident handling)
If the campus server is reported to carry out non-claimed the service, hacked, occurrence of abnormal traffic, distribution of advertisement and actions such as violation of intellectual property rights or violation of the regulations herein, the Library and Information Center, in addition to the management unit of the server, should immediately terminate the network connection of server and recover its network connection after the issue is resolved.
Article 9 (Annex)
If any issue not stated in this regulation, it is still governed the regulation of Ministry of Education and other school rules.
Article 10 (Effective Date)
The measure is passed by the Executive Council, and is implemented after approval from the principal, any amendment is as shown.