Need for IT Policy
IT Policy is being documented for fair and transparent academic purpose for use of various IT resources in the University Campus for Students, faculty, Staff, Authority and visiting Guests and Researchers.
Due to the policy initiative and academic drives, IT resource utilization in the Campus has grown by leaps and bounds during the last decade.
RCC is managing all IT infrastructure of the university having the Firewall security, DHCP, DNS, email, web and application servers and managing the network of the institute.
The entire faculty, students, staff, departments, authorized visitors/visiting faculty and others who may be granted permission to use the Institute’s Information Technology Infrastructure, must comply with the Guidelines.
Further, due to the dynamic nature of the Information Technology, Information security in general and therefore policies that govern information security process are also dynamic in nature. They need to be reviewed on a regular basis and modified to reflect changing technology, changing requirements of the IT user community, and operating procedures.
The objectives of the IT policy are as follows:
To provide all required IT resources as per the academic/operational programs laid down by University Also, introduce new IT technologies which will benefit the students, researchers, and staff.
Create provision for priority up-gradation of the system
Create Provision for Annual Maintenance expenses to ensure maximum uptime of the system.
Plan and invest for redundancy at all levels.
Leveraging information technology as a tool for the socio-economical development.
IT Hardware Policy
Network user community needs to observe certain precautions while getting their computers or peripherals installed so that he/she may face minimum inconvenience due to interruption of services due to hardware failures.
- Primary User: An individual in whose room the computer is installed and is primarily used by him/her is considered to be “primary” user. The individual node GUNET network with unique IP address.
- End Users: User who gets services on the Intranet/Internet through Servers installed at RCC are considered under this policy as "end- users".
- Warranty & Annual Maintenance Contract: Computers purchased by any Department/Cells should preferably be with 3-year/5-year onsite comprehensive warranty. After the expiry of warranty, computers are covered under Annual Maintenance Contract (AMC).
- Power Connection to Computers and Peripherals: All the server and peripherals should be connected to the electrical point strictly through UPS. Power supply to the UPS should never be switched off, as continuous power supply to UPS is required for battery recharging. Further, these UPS systems should be connected to the electrical points that are provided with proper earthling and have properly laid electrical wiring.
Network Cable Connection: While connecting the computer to the network, the connecting network cable should be away from any electrical/electronic equipment, as they interfere with the network communication. Further, no other electrical/electronic equipment should be shared with the power supply from where the computer and its peripherals are connected
- File and Print Sharing Facilities: File and print sharing facilities on the computer over the network should be installed only when it is absolutely required. When files are shared through network, they should be protected with password and also with read only access rule
- IT Procurement Policy: IT Cell is constituted by the higher authority for helping procurements of IT equipment. IT equipment must be purchased through Government Market Place (GeM) after taking necessary approval from higher authority.
- Old Equipment: To scrap old equipment, the department have to write official letter to the workshop, and workshop manager has to collects the scrap, and sell it to E-waste management authorised dealer by the Government of Gujarat.
Software Installation and Licensing Policy
- Operating System and its Updating: Individual users should make sure that respective computer systems have their OS updated in respective of their service packs/patches, through Internet. This is particularly important for all MS Windows based computers (both PCs and Servers). Updating OS by the users helps their computers in fixing bugs and vulnerabilities in the OS that were periodically detected by the Microsoft for which it provides patches/service packs to fix them. All OS and other software used in the campus must be licenced, no pirated software will be allowed to use in the campus.
- Antivirus Software and its updating: Computer systems used in the institute should have anti-virus software installed, and it should be active at all times. The primary user of a computer system is responsible for keeping the computer system compliant with this virus protection policy. Individual users should make sure that respective computer systems have current virus protection software installed and maintained.
- Cyber Security: The Sophos XG 650 firewall is installed superior visibility into risky activity, suspicious traffic, and advanced threats helps to regain control of networks. Automatic threat response instantly identifies, and isolates compromised systems on GUNET to stop threats from spreading.
- Backups of Data: Individual users should perform regular backups of their vital data. Virus infections often destroy data on an individual's computer. Without proper backups, recovery of destroyed files may be impossible. Preferably, at the time of OS installation itself, one can have the computer's hard disk partitioned into many volumes typically C, D and so on. OS and other software should be on C drive and user's data files on the other drives (e.g. D, E). In case of any virus problem, generally only C volume gets corrupted. In such an event formatting only one volume, will protect the data loss. However, it is not a fool proof solution. Apart from this, users should keep their valuable data on DVD/Pen Drive or other storage devices such as pen drives, external hard drives.
- RCC Interface:RCC upon finding a non-compliant computer will notify the individual responsible for the system and ask that it be brought into compliance. Such notification will be done via email/phone. The individual user will follow-up the notification to be certain that his/her computer gains necessary compliance. The RCC will provide guidance as needed for the individual to gain compliance
Network (Intranet & Internet) Use Policy
Network connectivity provided through an authenticated network access connection or WiFi is governed under the Institute IT Policy. For any maintenance and support of the Network, exclusive of local applications. Problems within the Institute's network should be reported to RCC.
- IP Address Allocation: Any computer (PC/Server) that will be connected to the institute network should have an IP address assigned by the RCC. Departments should follow a systematic approach, the range of IP addresses that will be allocated to each building / V LAN as decided.
- Running Network Services on the Servers: RCC takes no responsibility for the content of machines connected to the Network, regardless of those machines being Institute or personal property. RCC will be constrained to disconnect client machines where potentially damaging software is found to exist. A client machine may also be disconnected if the client's activity adversely affects the Network's performance.
- Wireless Local Area Networks: This policy applies, in its entirety, department, or hostel wireless local area networks. In addition to the requirements of this policy, departments, or hostels must register each wireless access point with RCC including Point of Contact information.
Email Account Use Policy
In an effort to increase the efficient distribution of critical information to all faculties, staff and students, and the Institute's administrators, it is recommended to utilize the institute's e-mail services, for formal Institute communication and for academic & other official purposes.
Email for formal communications will facilitate the delivery of messages and documents to campus and extended communities or to distinct user groups and individuals. Formal Institute communications are official notices from the Institute to faculty, staff and students.
These communications may include administrative content, such as human resources information, policy messages, general Institute messages, official announcements, etc.
The facility should be used primarily for academic and official purposes and to a limited extent for personal purposes.
While using the computers that are shared by other users as well, any email account that was accidentally left open by another user, should be promptly closed without peeping into its contents, by the user who has occupied that computer for its use.
Email account must be surrendered after retirement/termination of service.
Impersonating email account of others will be taken as a serious offence under the institute IT security policy
Web Site Hosting Policy
- Official Pages: Departments, Cells, central facilities may have pages on GU official Web Site.
- Personal Pages: It is recognized that each individual faculty will have individual requirements for his/her pages. Hence, faculty may have their personal pages linked to official web site of the institute by sending a written request or mail to RCC giving the details of the hyperlink of the URL that he/she wants to be added in the official web site
Maintenance of Computer Hardware & Peripherals
- Receiving Complaints RCC may receive complaints from the users if any of the computer systems or peripherals that are under maintenance through them is having any problems.
The designated person in RCC receives complaints from the users of these computer systems and coordinates with the service engineers of the respective brands of the computer systems (which are in warranty) to resolve the problem within a reasonable time limit. For out of warranty computer systems, problems resolved at RCC.
RCC may receive complaints from department/users; if any of the networks related problems are noticed by them such complaints should be made by email/phone.
RCC may receive complaints from the users if any of the user is not able to access network due to a network related problem at the user end. Such complaints may be generally through phone call.
Video Surveillance Policy
The system comprises: High resolution cameras; Monitors; digital video recorders; Storage.
Cameras will be located at strategic points on the campus, principally at the entrance and exit point of sites and buildings. No camera will be hidden from view and all will be prevented from focusing on the frontages or rear areas of private accommodation.
CCTV recording is maintained at each building individually and its respective Head can view the footage.