III. Legal Use of Software

UC San Diego has strict policies that require all employees to honor the full legal intent of any software licenses. In the Dean's office that campuswide policy is strictly enforced. You should never give away copies of any software that requires a legal license to use, and you should never attempt to copy software to your system for which you are not sure you have a legal license. It is the employee's responsibility to be aware of these rules on software licensing. Ignorance of the legalities is not a legitimate excuse for violating software copyrights. If you are not sure, you can verify with be-help what is or is not acceptable.

IV. Violations of Computer Policies

The seriousness of the policies pertaining to account and password security as well as software licensing cannot be understated, and will result in action being taken if they are ignored. Violations of the policies pertaining to passwords, account sharing, or software licensing will result in an employee's account being deactivated. The account will not be reactivated until there is a review with that employee's supervisor and possibly other Bioengineering managerial staff.

V. Computing Problems

All computing problems must be expressed in email to be-help. Please do not email to individual staff directly! Even if the problem is directly addressed to one of them, email all concerns to be-help. This ensures that everyone are kept informed of all computing activities.

When emailing be-help regarding a problem, include as much information as you can. For example, "My computer keeps crashing" is not helpful. "My computer keeps crashing whenever I use Microsoft Word" is slightly better. However, the best email (which will result in the quickest resolution of the difficulty), will contain something to the effect of "My computer keeps crashing whenever I attempt to print a large document from Microsoft Word, with a lot of other applications running in the background". The more specific your description of the problem, the better we can help you, and the more quickly we can resolve your difficulty. If you can include a specific error message (even if it seems like garbage to you), this is even better still.

Finally, when including the locations of files, make sure to use the appropriate conventions, as demonstrated below:

• Macintosh: Server-Data\Be-help\New User Accounts\New User Account Form
• UNIX: /usr/local/bin/pine
• Windows: C:\Windows\System32\Kernel32.dll
• WWW: Bioengineering Main Page: Computing Facilities: General Information
  or http://www-bioeng.ucsd.edu/computer/computer_info.html

VI. Security

Security is a very important issue for a number of reasons. If someone gains access to your computer account, they have access to all private documents that you possess, including all email both sent and received by you. More importantly, they then have access to all of the Bioengineering computing resources, which means they could destroy literally years of UCSD research.

The very best efforts are made to ensure computer system security. However, the systems are only as secure as their weakest link. For these reasons, the following policies are in effect regarding security:

1. You must never share your password with anyone, nor log anyone on to any Bioengineering computers using your password. This includes accounts used solely for email. No one from the computing staff will ever ask you for your password, so you should view all requests for your password as acts of illegality. Memorize your password and avoid writing it down.
2. When you are choosing a password, you should follow these guidelines:
• Never base it off of any words in the dictionary, or any easily decipherable terms, such as the name of a place, the name of a friend, or any other terms easily associated with you or your occupation.
• In your password, use mixed case, along with at least one number and one special character. Avoid consecutive key combinations; the password "zxcvbnm", despite its obscurity, is easily crackable because it is the bottom row of keys on your keyboard.
• Use common sense. Ask yourself "Could someone ever figure out my password?" If the answer is anything but "No", you should change your password immediately, because your password is definitely vulnerable to a computerized password cracking program. Ironically, the best passwords are the ones that seem the most "computer-like": random strings of mixed-case letters and numbers/special characters.
3. The computing staff will attempt to crack passwords on a regular basis. If your password is cracked, you will receive an automated reply giving you a set period of time to change your password. If you do not change your password within this period of time, your account will be disabled, and you will have to contact be-help to get it reinstated. If the cracking program indicates that your password is especially vulnerable to attack, the computing staff may find it necessary to immediately disable your login. (Rest assured, however, that at no time during this process will the computing staff ever actually learn your password. The process is completely automated.)
4. If you are given an alarm code to the either the PFBH Computing Lab, you must guard it with the same secrecy you guard your password. If you are the last one leaving either lab, you must make sure the door is locked and the alarm is set.
   As stated before, the computing staff is constantly monitoring system security. If you have any concerns whatsoever that someone may have access to your account or computing resources in general, please notify be-help immediately.
5. Unless inspected and approved by the Bioengineering IT group no web server software shall be run on individual desktop computers or workstations. Such use poses a general threat to the data and information security of the Department and UCSD as a whole. Approval to run stand-alone web server software on a desktop computer or workstation shall be granted only:
   • If the machine in question has been demonstrated to be fully compliant with all UCSD guidelines for anti-virus and firewall software use;
   • For development and testing purposes;
   • Providing that external access to web server ports is limited by either host-based or network firewalls to computers within the UCSD campus networks (including VPN).

VII. Email

Be aware that if you use your account solely for email, several restrictions apply. First, you must abide by the same security policies as outlined above regarding your password. Refer back to section III. of this document if you have any questions regarding these policies. Also, be aware that your login will be severely restricted. Your account will be usable by a program such as Eudora, but if you manually login, you will only be able to use pine to check your email and nothing else. If you ever outgrow your email account and find you need to use your account for programming and the like, you must contact be-help.

VIII. Administrative Computing Issues

Windows File Server: All personal files must be placed in a specific user folder. Files not placed in a user folder will be moved to the special lost+found folder. This folder can also be used to place any files which you personally find out of place. Files left in this folder over 14 days will be deleted.

There is a specific naming convention for folders on the Server. When you examine your personal user folder, you should notice that there are four specific folders accessible by other people in the office, one folder named "Public", and one folder named "Private". Nobody other than you can get into the Private folder, so only place documents you want nobody else to read in here. The Public folder is intended as the primary means of sharing documents between coworkers. If you wish to give a document to a coworker, simply drop it in their users folder. All documents of any kind must be kept on the BioEng Server. Do not keep any files on your personal computer. Place any personal files in your Private folder on the Server.

General Etiquette: Please see the special section at the end of this document.

IX. Research Computing Issues

PFBH 165 Lab: The lab is open M-F, 8:00-4:30. You are also allowed to use the computer lab whenever an authorized person with a valid alarm code is in the lab. If you have a valid alarm code and keycode to the lab, you may use the lab at your discretion. However, be aware that you are personally responsible for all persons in the lab with you. If you have any doubts about the identities of persons in the lab or about their conduct, it is your responsibility to ask them to leave or otherwise resolve the issue.

Locking Terminals: If you are going to leave your terminal for any period of time less than 5 minutes (even "just to run to your office really quick"), you must type xlock your UNIX prompt. This will lock your terminal, so that no one else can access your account or the computers in general. If you are leaving your terminal for more than 5 minutes, you must log out. This is to ensure that the computers are available for use by everyone. If you have a very long job that you want to continue running even after you log out, you can type nohup [command] to ensure that it is not stopped by you logging out.

Windows Workstation: The Windows NT Workstation in the lab is to be treated like all other workstations in the lab. Everyone has their own UCSD login, and people are not to share logins (i.e., the usual security policies apply). To login, logout, or lock your terminal, press the key combination <Ctrl>+<Alt>+<Del> (the standard way of rebooting PC's).

X. Severance and Account Termination

Upon notification of an employee's severance from the department, the following steps will be taken regarding his or her Bioengineering computer account:

1. The account will immediately have its login disabled. This eliminates any potential security risk posed by lingering active accounts.
2. The account will remain on disk for approximately 30 days. Also, all mail will be forwarded to the person's new email address, if applicable.
3. At the end of this 30-day period, the account will be backed up to a removable medium (such as a CD or tape) and permanently removed from disk.
4. If the person has access to the NT Server, that person's Server-Users folder will be placed in a read-only folder, accessible only by senior staff. Again, after 30 days all files will be removed.

XI. Computer Etiquette

In general, following the basic guiding principles of "the golden rule" and "use common sense" are very good starting places. Disk space usage and directory structures are two areas that always seem to be abused. Keep in mind that you are sharing a server/computer with many other members of the Bioengineering Dept. As a result, don't fill up the disks with large junk files, or create huge subdirectory nestings that will result in poor file system performance. Again, if you ever have a question, concern, or simple curiosity regarding computing, please email be-help. Finally, if you don't know what something on your computer does, don't remove it or otherwise change it without first contacting be-help to make sure there will be no negative consequences.

IV. Additional Information

If you need additional information or have any additional questions please email
be-help@bioeng.ucsd.edu

1. Facilities may not be used for illegal activities, including copyright infringement.
2. Activities which compromise computer security or disrupt services, at any site, are prohibited.
3. Facilities may not be used for commercial purposes.
4. Usage of the lab must adhere to ethical guidelines. Harassment, for example, is prohibited.
5. Care should be taken to avoid interfering with the work of other users. Here are few examples:

• Do not engage in recreational computing when systems are busy and are needed for instructional computing.
• Do not fill up public areas of disk with large files.
• Do not waste resources or circumvent resource control mechanisms.
• Do not leave non-essential processes running when you are not logged in.
• Do not tie up special equipment unnecessarily and thereby prevent others from doing their work.
• Users who leave their workstations locked and unattended for more than 10 minutes may be logged out if deemed necessary by the system administrator.

1. Users are responsible for reporting equipment failures and policy violations to the system administrator. Users are also responsible for ensuring that all resources being charged for are properly assigned to a valid budget number.
2. The Computation and Visualization Lab is an active research area. Social gatherings should not be held in the lab.
3. Music should be kept at a reasonable level.
4. Users who feel that they have legitimate grounds for after hours use of the computer lab may request permission from be-help (be-help@bioeng.ucsd.edu). Authorization from a Bioengineering faculty member or the MSO is required.

• Under no circumstances is your keycode or alarm code to be shared with others.
• When the last keycode entry leaves the lab, it is their responsibility to make sure the lab is emptied of all persons, the doors are locked, lights are off, and the alarm is activated.
• The last keycode to leave the lab assumes full responsibility for the state of the lab upon exit.
• NOTE: The alarm code serves as a keycode holder's signature and may be used to determine who was last in the lab if a theft or other incident occurs. This underscores the importance of not sharing alarm codes or keycodes.

• An authorized person is someone who is recognized by the Department as having a keycode and alarm code for the computer lab. Anyone else is considered to be an unauthorized person.
• NOTE: The Department of Bioengineering reserves the right to revoke access to the lab at any time.