National Tsing Hua University Server Management Policy

Passed at the Computer and Communication Committee Meeting held on June 23, 2009
Approved by the Protection of Intellectual Property Task Group on July 3, 2009
Revised at the Computer and Communication Committee Meeting held on June 22, 2010
Approved at the 9th University Administration Meeting of the 2009 academic year held on June 29, 2010
(Added Article 6; revised the original Article 6 and renumbered it as Article 7)
Revised at the Computer and Communication Committee Meeting held on June 21, 2015

I. This policy was drafted to improve the network service quality and information security of the University's campus servers.

II. This policy is applicable to Internet service servers provided by administrative and teaching units of the University.

III. All units which have installed Internet service servers shall note the following:
  (I) Intellectual Property Rights: Only legal and authorized software shall be used. Attention must be given 
         to the legality of information made public. 
  (II)Dedicated Personnel: An Internet service server manager must be assigned to take full responsibility of 
         the management and maintenance of the servers.
  (III)Maintain Information Security: Perform information security checks and system vulnerability fixes of the
          managed Internet service servers on a regular basis. If assistance from the Computer and Communication 
          Center (the Center) is required, please apply and register relevant server information. The Center can 
          provide services such as penetration tests, vulnerability scans, and source code analyses.
  (IV)Information Security Seminar: The server manager shall attend the information security seminar held by 
         the Center. The manager shall also pay attention to the server management regulations and information 
         security measures announced by the Center.
IV. The Center performs periodic security scans on the Internet service servers of the entire school and publishes
    reports on the results of those scans. The server manager shall fix vulnerabilities based on the reports provided 
    by the Center.
V. Users of any unit's Internet service server shall adhere to the regulations set forth by the policy as well as the
   following items. Violators thereof may have their network service suspended and be reported to the relevant office,
   depending on the severity of the violation.
 (I)Comply with the National Tsing Hua University Campus Network Terms of Use.
 (II)Comply with the National Tsing Hua University Unauthorized Network Information Policy.
 (III)Respect intellectual property rights; behaviors which violate intellectual property rights are not allowed.

VI. To improve the effectiveness of the University's computer resources and comply with energy conservation and carbon
    footprint reduction policy, each unit shall implement virtualization in their server or use the virtual hosting 
    service offered by the Center.
VII. The Policy shall take effect after being passed at the Computer and Communication Committee Meeting and approved 
     by the University Administration Meeting. The same applies for amendments made thereto.