Internet Usage Policy - Fashion & Design Institute · Internet Usage Policy Page 9 of 12 Safe Internet surfing Avoid giving unnecessary information online (e.g. Subscribing to a newsletter

Fashion and Design Institute - ver1.0

Internet Usage Policy Page 0 of 12

Internet Usage Policy Staff

Version 1.0





A. Purpose

The purpose of this Internet Usage Policy is to ensure that

a) The staff of the Fashion and Design Institute (FDI) is informed about the

applicability of policies to the use of Internet;

b) The Internet access provided is being used in compliance to those policies; and

c) Users of Internet are informed about the security risks of the Internet.

B. Scope

The scope of the Internet Usage Policy applies to:-

a) All internet access services provided to or owned by the Fashion and Design Institute; and

b) All users, including those from outside the building, who have access to the Internet through Fashion and Design Institute infrastructure.

C. General

1. The Fashion and Design Institute encourages the use of Internet as a learning

and study tool. The Fashion and Design Institute of retains the copyright to

any material posted on the Internet by any staff in the course of his or her

study.

2. Internet access is provided for education use only.

3. Staffs should not use Internet facilities of the Fashion and Design Institute for

any unlawful purposes nor personal financial gains and should agree to abide

by all applicable national laws and regulations. Staffs with Internet access may

not upload to the Internet any software owned by or licensed to the Fashion

and Design Institute without the necessary authorization of IT section of

Fashion and Design Institute.



6. The browsing of any kind of offensive materials on any Fashion and Design

Institute of computer/network system is strictly prohibited. In addition, such

offensive materials may not be archived, stored, distributed, edited or recorded

using the network or computing resources of the Fashion and Design Institute.

7. No staff may use the Internet facilities of the Fashion and Design Institute to

propagate any virus or other malware.

8. No staff may use the Internet facilities of the Fashion and Design Institute to

disable or overload any computer system or network, or to circumvent any

system intended to protect the privacy or security of another user.

9. The Fashion and Design Institute reserves the right to block Internet sites as

it deems necessary to enforce compliance to this policy.

10. The Fashion and Design Institute reserves the right to monitor all Internet

usage and to inspect any or all files stored in private areas of the network

in order to assure compliance with policy.


D. Guidelines

2. User I D s a n d p a s s w o r d s h e l p m a i n t a i n i n d i v i d u a l accountability for

Internet resource usage. Any staff who obtains a User ID/password for an

Internet/network or any resource/facility from the Fashion and Design Institute

must keep that User ID/password confidential.

3. Individual passwords must never be shared or revealed to anyone. To give a

password to someone exposes the authorised user to responsibility for the actions

the other party takes using this password.

4. Common passwords are those used for access to resources, such WIFI, which must

not be shared. All users who need to access such resources need to obtain

authorization from the management of Fashion and Design Institute, after which the

IT section will be informed to do the necessary.

5. Staffs using laptop/computers not belonging to the institute connected to the

Fashion and Design Institute WIFI/network access the internet or otherwise

should be equipped with the updated version and definitions of anti-malware

software.

6. Staffs with Internet access may not use Internet/network facilities of the Fashion

and Design Institute for other purpose work related.

7. Users should be aware that screensavers and games downloaded over the Internet

may contain spyware or viruses. Spyware gathers user information for advertising

purposes and monitors user activity on the Internet. All staffs should be fully aware

of and comply with the Internet Usage Policy.


E. Policy Violations

The Fashion and Design Institute of undertakes to maintain a control

mechanism that monitors all Internet usage. Information on Internet activity and

usage pattern will be analysed and used in any way that is deemed necessary to ensure

compliance to this policy. Violations of policies governing the use of Internet will

result in restriction of access t o t h e F a s h i o n and Design Institute technology

r e s o u r c e s . In addition, t h e Fashion and Design Institute of may carry out

investigation which may entail disciplinary or legal action

F. Responsibility for Policy

The Fashion and Design Institute Information Technology section is responsible for

the development and maintenance of this policy. The responsibility for ensuring

compliance with this policy lies with the Information Technology section and Institute

Management.



G. Internet Monitoring Procedures

1.1 The Fashion and Design Insitute maintains a policy of blocking and/or throttling access to web sites which may include:

a) Sites of non educational use from where heavy downloads are being effected

b) Sites containing pornographic or other material that could be deemed offensive

c) Downloadable files with extensions as at Annex A

1.2 Monitoring is done on a regular basis at the FDI. The report gives an indication

of who has used the most bandwidth. Websites visited and files downloaded are

crosschecked. If usage is very high and abusive, a live monitoring is performed on

the Proxy server to check which websites are being accessed and what is being

downloaded. If websites and downloads are found to be non-work related and

abusive, the concerned party notified and on persistence, the user’s access is blocked

for Internet.

1.3 The blocking of offensive sites is automatically made by a control mechanism in

place at the FDI. Categories of blocked access are at Annex B.

1.4 However, during monitoring of Internet Usage patterns, the FDI may find it

necessary to manually include additional sites deemed offensive in its blocked list at

any point in time.

1.5 Accesses to the Internet are logged and monitored on a daily basis at the level of the

FDI.

1.6 Staffs attempting to access a blocked site are automatically notified with a warning

sign and the attempt is logged. Repeated attempts will be handled as an abuse

and action taken accordingly.



Annex A – File Extensions blocked/throttled

1. Mp3 – music file

2. Flv – movie file

3. Avi – movie file

4. Mp4 – movie file

5. Wma – music file

6. 3gp – mobile movie file

7. Divx – movie file

8. Xvid – movie file

9. Rmvb – movie and audio for real media player

10. Wmv – movie file

11. Rm – audio for real player

12. Mpg – movie file



Annex B – Categories of Sites Blocked

1. Adult / Sexually Explicit

2. Adverts & Pop-ups

3. Criminal Activity

4. Gambling

5. Games

6. Hacking

7. Illegal Drugs

8. Intolerance & Hate

9. Peer to Peer

10. Phishing & Fraud

11. Proxies & Translators

12. Ringtones/Mobile Phone Downloads

13. SPAM URLS

14. Spyware

15. Streaming Media

16. Tasteless & Offensive

17. Violence

18. Weapons

IT End User Guidelines



.

PC Housekeeping

Effective physical security procedures must be in place to deny access to

unauthorized persons to IT Equipment in Ministries/Departments.

Smoking in the vicinity of computers must not be allowed. Smoke raises carbon particles, which may enter into the computer and create hazards.

Eatables and drinks must not be allowed near computers to minimize risk of damaging equipment (e.g. keyboards) by spilling food.

Back up of your PC data must be done regularly, optical disk (CD/DVD), the network (if you are connected to one) or on other external media. Note that pendrive/flasdrive is not a recommended long life backup measure

Lock your PC with a standard screen saver with password protection when left unattended.

Use of pirated and unauthorized software should be strictly prohibited as these may contain viruses.

Only original software purchased from authorized vendors should be used.

Ensure you have the latest version of antivirus definition and software. The antivirus must be regularly updated and must have its permanent shielding facility on (check with technical support/DBA).

Using Email

Beware of email from unknowns parties (unsolicited email). Do not open unsolicited email. Do not take action based on information in unsolicited emails e.g. ‘You have won $1,000,000. Kindly send your bank details for crediting your account.’ These are scams also known as social engineering attacks.

Ensure you are addressing the right person prior to sending email.

Executable files (e.g. with .exe, .com, .bat, .reg extensions) and suspicious attachments must not be opened.

Do not subscribe to unnecessary or unverified mailing lists. You may end up receiving an overload of emails that may slow down your computer. Such emails are known as spam.



Safe Internet surfing

Avoid giving unnecessary information online (e.g. Subscribing to a newsletter whereby your family details are requested).

Beware of Phishing attacks. Phishing is the use of email messages and web pages that are replicas of existing sites to fool users into submitting personal, financial, or password data. Ensure you are on the right website with the right URL e.g. going to a web site for a bank whose real URL is http://www.bankonline.com. A Phishing attack would probably send you an email telling you to go the bank’s website at http://www.bank0nline.com which is not the real website but a copy of it from where all information you will provide thereon will be used to organise an attack against you.

Do not surf on sites that contain offensive material.

Do not download games, screensavers and other unnecessary gimmicks from Internet – they may have embedded spyware or viruses. Usually spyware covertly gathers user information for advertising purposes and monitors user activity on the Internet. Spyware can also gather information about e-mail addresses, passwords and even credit card numbers and transmit that information in the background to someone else.

Password management Passwords should ALWAYS contain:

At least eight characters

Both upper and lower case letters

At least one number

At least one special character (for example # $ % {+ ? )

Passwords should NOT:

Be based on personal information, such as names of family, dates, addresses, phone numbers, etc.

Be based on work information, such as room numbers, building name, co-worker's name, phone number, etc.

Use word or number patterns like, aaabbb, qwerty, zyxwvuts, 123321, abcABC123, etc.

Hard to guess passwords must be used. A poorly chosen password may result in the compromise of your computer.

Passwords should be regularly changed.

Password should not be shared with anyone.

http://www.bankonline.com/

http://www.bank0nline.com/



Principles and Guidelines for Internet usage at

Fashion and Design Institute

Purpose

The purpose of this guideline is to ensure that

a) Staffs are informed about the applicability of principles and guidelines for Internet

usage; b) Users of Internet are informed about the security risks of the Internet.

Scope The scope of the Guideline applies to all users at the institute who have access to the Internet.

Principles The use of the internet is important in supporting high quality teaching and learning. It is

expected that, in line with our aim to produce independent learners, the use of ICT and the internet are important tools, particularly in developing research skills and individualised learning programmes for staffs. This policy outlines the strategy to protect staffs and ensure a safe use of the internet.

Guidelines/Rules for Staffs

Staffs will be made aware of the following rules when using the Internet:

• Only relevant information related to educational work/ lessons should be downloaded.

• Staffs should never provide their contact details online. • Chat service may not be used from within institute unless platform provided by the institute e.g. email system related service, in which case the teacher may supervise the staffs. Staffs should be warned about the dangers of providing personal information and of even meeting the person with whom they have been chatting.

• Staffs should be refrain from downloading freewares, music, songs games, screensavers and other unnecessary gimmicks since these may be infected with viruses.

• Beware of Phishing attacks. Phishing is the use of email messages and web pages that are replicas of existing sites to fool users into submitting personal, financial, or password data. Ensure you are on the right website with the right URL e.g. going to a web site for a bank whose real URL is http://www.bankonline.com. An attacker

would probably send you an email telling you to go the bank’s website at http://www.bank0nline.com which is not the real website but a copy of it from

where all information you will provide thereon will be used to organise an attack against you.

• Do not surf on sites that contain offensive material.

http://www.bankonline.com/





Using Email

• Beware of e‐mails from unknown parties (unsolicited emails). Do not open

unsolicited emails or respond to any unsolicited emails e.g. “You have won $ 1,000,000. Kindly send your bank details for crediting your account.”

• Executable files (e.g. with .exe, .com, .bat) and suspicious attachments should never be opened.

• Do not subscribe to unnecessary or unverified mailing lists. You may end up receiving an overload of emails that may slow down your computer. Such emails are known as spam.

• Regularly purge unnecessary emails (including emptying the ‘Deleted Items’ or ‘Trash

Can’ folder) to free storage space.

Staff Protection

It is our intention to protect our staffs from inappropriate or undesirable material. The following criteria define inappropriate or undesirable materials:

• Obscene, offensive or inaccurate. • Staffs must not insult, attack others, violate copyright, trespass in others’ folders or

harass anybody through the internet.

Under the Computer Misuse or Cybercrime Act 2003 the Act provides for a repression of criminal a c t i v i t i e s p e r p e t u a t e d through c o m p u t e r s y s t e m s . Attention i s d r a w n to the following:

Indecent or Obscene photographs of children

Any person who –

a) takes or permits to be taken or to make, any indecent photograph or pseudo‐

photograph of a child; b) distributes or shows such indecent photograph or pseudo‐photograph;

c) has in his possession such indecent photograph or pseudo‐photographs, with a view to it being distributed or shown by himself or any other person; or

d) publishes or causes to be published any advertisement likely to be understood as conveying that the advertiser distributes or shows such indecent photograph or pseudo‐photograph, or intends to do so,

shall commit an offence.



Filters

The lab network system is set up in accordance with appropriate practices for security

purpose. At the Fashion and Design Institute Internet have a filtering device. This filter screens out materials that are deemed as being unsuitable or undesirable. Staffs should not be allowed to use computers having dial‐up access mode since they would bypass the filtering procedure.

Monitoring the Lab Network

All trainers/lecturers are expected to monitor the range of sites used. Ideally trainers/lecturer should pre plan sites that will be used for class use. Periodically the trainers/lecturers should undertake a routine check of sites visited and report any

concerns to their respected hierarchy.

Supervision

Albeit our aim is to develop independent learning within our staffs, it is agreed that total supervision at all times is not possible. It is therefore recommended that trainers/lecturers regularly remind staffs of the responsible usage of the internet. Frequent checks by class

trainers/lecturers should be made while staffs are online.

During classes in the Computer Lab, the computers can be monitored by the staff present to ensure s t a f f s a r e u s i n g a p p r o p r i a t e w e b s i t e s . Staffs s h o u l d n o t be le f t i n the computer lab unsupervised.

Reporting Staff Misuse of the Internet

In the first instance, the class trainers/lecturers should deal with any misuse of the Internet directly with the child. Should there be concerns about the types of material accessed; the matter should be immediately reported to their respected hierarchy, who may take appropriate disciplinary action in due course of time.

The sanctions imposed will reflect the severity of the incident and in serious cases; a staff may

be denied access to the Internet for a period of time.

Note: This policy document may be updated as and when required without prior

notice. Latest version of the document should be used. It is the responsibility of the

user to keep update with the latest version available

Documents

Internet Usage Policy - Fashion & Design Institute · Internet Usage Policy Page 9 of 12 Safe Internet surfing Avoid giving unnecessary information online (e.g. Subscribing to a newsletter