Policy

UPH IT Policy for general users

This policy contains regulation that has to be known and obeyed by the entire IT user in UPH. Users consist of:

  1. All UPH employees which is academic, non-academic and organization units (faculties, directorates, departments, bureaus and sections).
  2. Third parties, such as, guest, vendor, etc.

Policy for general users divided into:

General

a. Background

As a company that is in education business to include the work activities related to IT operational.

b. Objectives

1. To establish rules which are related to standardization and centralization in managing security for IT equipments, room and data access.
2. To reduce the risks from abuse using IT equipments in UPH work environment

c. Scopes

This policy applies to all UPH employees which consists of administrative staffs, academicians and organization units (faculties, directorates, departments, and bureau)

Definition
  • IT equipments are all IT hardware, software and IT facilities/services which support a system to achieve a certain objective.
  • IT Directorate (ITD) is a directorate under UPH’s President that regulates usage and maintenance of all UPH’s IT equipments.
  • ITD consists of 5 departments:
    1. IT Strategy & Governance
    2. IT Project & Administration Office
    3. Business Solutions
    4. System Development
    5. IT Service & Operation

This policy states the items which should be obeyed and serve as a guideline for all UPH employees, and it is under the control of ITD.

Procurement and the addition of Personal Computer (PC) and supporting components must be with the approval of superiors.

  1. Workmanship and Personal Computer (PC) installation carried out by ISD.
  2. User is restricted to add or remove or modify any hardware owned by UPH.
  3. All UPH employees are responsible to maintain physical condition of the IT hardware.
  4. It is restricted to swap hardware between employees without permission from ISD.
  5. Each user is responsible for hardware cleanness and routine maintenance of the hardware.
  6. Each PC must have an active and licensed antivirus scanner provided by ITD, which automatically updated.
  1. Only licensed software can be installed.
  2. Software CD and its license will be provided by CISD.
  3. The user is responsible for the borrowed software CD and its license. The software and license cannot be distributed or published to other party.
  4. Loaned software media must be returned without defect and on the agreed date.
  5. All software or tools which are not work-related are not to be installed.

This policy regulates the process of access of maintaining data confidentiality by ITD in particular, and the rest of UPH employees in general within the system managed by ITD.

  1. Users are responsible to keep User ID and password confidential. It includes logins to applications and supporting applications owned by UPH.
  2. It is restricted to give access or share one’s user ID or password to others.
  3. It is restricted to modify, renovate, move, or do reckless actions which can damage or endanger the infrastructure without permission from ISD Manager.
    Password must be changed by users periodically. ITD reserves the right to inspect this.
  4. User ID and password distributions by ITD must be done in responsible manner.
  5. ITD reserves the right to block websites which are considered dangerous, malicious, or contains porn.
  6. It is restricted to download and upload anything that is not related to the work in UPH. ITD reserves the right to inspect this.
  7. ITD reserves the right to monitor and audit the usage on all IT equipments owned by UPH.
  8. ITD reserves the right to monitor bandwidth allocation based on needs that related with UPH.

This policy regulates the access process of maintaining data confidentiality by ITD in particular, and the rest of UPH’s employees in general within the system managed by ITD.

  1. UPH email and chatting is to be used for UPH’s work purpose. It is not for personal use.
  2. It is restricted to send out info which is not true using UPH’s email (this includes violence, porn and sexual, religion, racism, and SARA)
  3. It is restricted to deliberately download or execute all email attachment which are suspicious/ dangerous/ malicious, and executable (such as .exe, .vbs, .reg).
  4. ITD has an authority to block dangerous or suspicious emails.

ITD is not responsible and reserve the rights to refuse users’ requests to support personal IT equipments, such as cellphone, Smartphone, personal PC, or personal notebook.

  1. Abide the law including software license. When using IT UPH equipments, user is to comply with the law of the intellectual's wealth and valid licensing.
  2. Other Policy. When using UPH IT equipments, user is to comply and abide this policy (UPH IT Policy 2009 Rev 1) and other policy amended in the future.

The violation of this policy will cause deactivation of all IT UPH facilities and services for the user by ITD.

This policy contains additional regulations that need to be known and obeyed by all ITD UPH employees. All ITD employees must abide the two policies (UPH Users and UPH ITD) which are summarized in IT Policy for UPH.

For all items described in this IT policy, ITD have the authority and reserves the rights to check and confirm users’ IT equipments compliance for the purpose of security and continuance for all UPH users.

Policy for IT Directorate divided into:

General

a. Background
As a company that is in education business to include the work activities related to IT operational.

b. Objectives
1. To establish rules which are related to standardization and centralization in managing security for IT equipments, room and data access.
2. To reduce the risks from abuse using IT equipments in UPH work environment

c. Scopes
This policy applies to all UPH employees which consists of administrative staffs, academicians and organization units (faculties, directorates, departments, and bureau)

Definition
  1. Data Center is a place where servers and data are stored and they can only viewed by authorized users.
  2. Guests are persons who are indirectly being a part of UPH or third party such as vendors.
  3. System is united components which are connected to achieve a certain objective.
  4. Emergency situation is a situation where something outside of procedures and undetected had happened, force majeure.
  5. The owner of all IT equipments, system and everything related to IT in this policy is UPH.
  6. SOE (Standard Operating Environment) is a standard specification for the use of the computer architecture used in an organization, both software and hardware.