This charter is open to all authorized users (teachers, staff, students) and all temporary users (students, visitors, participants in courses or seminars in the buildings occupied by the FBM) of the computer systems and network telecommunications of the units that have joined the computer program of FBM.

The following partners are responsible for the application of this Charter:

• The Dean’s Office and the FBM’s IT service (Si),
• Management of the Department / Service / Institute.

The use of IT resources within the State of Vaud and the University is governed by the following :

• Loi du 12.11.2001 sur le personnel de l’Etat de Vaud (LPers, RSV 172.31).
• Loi du 6 juillet 2004 sur l'Université de Lausanne (LUL).
• Article 125 du règlement d’application du 9.12.2002 (RLPers, RSV 172.31.1) de la LPers.
• Norme ISO/CEI 17799 : 2000 Code de bonne pratique pour la gestion de la sécurité de l’information.

In addition to these documents, the following UNIL regulations and directives must be followed:

• Directive 0.6 Transmission d'informations en relation avec la protection de la personnalité
• Directive 6.1 Conditions d'accès à l'intranet administratif
• Directive 6.2 Utilisation d’Internet, de la messagerie électronique, de la téléphonie et du poste de travail
• Directive 6.3 Sécurité des équipements informatiques
• Directive 6.6 Procédures pour les achats d’équipements informatiques à l’UNIL
• Annexe à la Directive 6.6 Utilisation professionnelle d'ordinateurs privés
• Directive 6.7 Charte d'utilisation des services informatiques centraux
• Directive 6.8 Utilisation des listes électroniques de distribution
• Directive 6.9 Fichiers informatiques et la protection des données personnelles

1. Three categories of computer equipment are defined:
   1. equipment said private: all computer equipment not inventoried at UNIL and that connect to the resources of the FBM. For example: laptop of an employee or affiliate whose length of stay in the FBM is less than six months, private mobile phone, etc.. ;
   2. equipment said UNIL: all computer equipment inventoried at UNIL and that have not been purchased through the Si. For example: equipment moved from another university, private laptop set to inventory, etc. . ;
   3. equipment said FBM: all computer equipment purchased through the Si (fixed, mobile, linked to scientific equipment, etc..) by a member or an entity of the FBM (professor, associate, student, scientific apparatus) .
2. Any change in category requires the permission of the Si and for the FBM equipment (add, delete), the agreement of the department’s director or manager defined in the entity.

1. Each member of the FBM, whatever his affiliation or status, wishing to acquire new hardware or software, whatever the source of funding, must first consult the respondent of the Si to define the technical specifications according to the needs and UNIL’s standards, the type of software or device type (fixed, mobile, linked to scientific equipment, server, printer, etc..).
2. The Si is responsible to give notice of the order, to prepare the necessary order forms and forward the complete request to the concerned fund manager.

1. In order to manage the IT infrastructure at best, every FBM UNIL equipment is inventoried.

1. Hardware ordered via the Si is automatically set to the UNIL’s inventory. There are therefore no specific procedures for this purpose.
2. Any faculty member who works for the FBM for a period greater than or equal to 6 months, may request to add his private equipment to the UNIL’s inventory.
3. The criteria for the inventory are:
   1. seniority equipment (less than 5 years);
   2. number of devices registered by the applicant (maximum 1 equipment per person);
   3. justification for professional use and general need (no access to a workstation, etc.).
4. Each application must be signed by the head of the department or manager defined in the entity before it can be considered by the Si.
5. The Si prioritizes requests and forwards them for approval to the computer center.
6. Any private equipment added to the UNIL's inventory will be part of the UNIL equipments.

1. Any hardware removal from the inventory must be reported to the Si and requires justification.
2. Any request authorized by the Service is transmitted to the computer center of the UNIL, which gives the final approval. In principle, the following conditions must be met:
   1. equipment must be acquired for more than four years,
   2. it must be free of any maintenance contract,
   3. it is sold without warranty,
   4. the equipment offered for sale must be offered in priority to members of the university community, UNIL budgetary unit or particular,
   5. if the device contains a hard drive, it must be completely erased by a reset procedure before being sent to its new owner.
3. When removing hardware from the inventory, the Ci sends an authorization to the Si, and a request for issuance of any eventual invoice to the Accounting Services. The amount will be credited as revenue fund of the State of the concerned UB. The Computer Centre is able to advise the UB on the selling prices of devices.

1. Users connecting to the resources of the FBM with private equipment must comply with the following rules:
   1. ensure that the equipment is updated with the security patch and updates for their respective operating system;
   2. use an updated antivirus program (unless otherwise specified by the Si).
2. The Si does not perform any support or other assistance to private equipment.

1. Users connecting to the FBM’s resources with UNIL equipment must comply with the following rules:
   1. ensure that the equipment is updated with the security patch and updates for their respective operating system;
   2. use an updated antivirus program (unless otherwise specified by the Si).
2. The Si defines the terms of support. This is usually limited to support for issues related to the use of FBM / UNIL resources or softwares installed without guaranteeing response time or the resolution of the problem.
3. The Service may refuse a request or support relocation of equipment if its configuration is too far from the standards set.

1. To join FBM equipment, the procurement process and inventory management should be respected, except as provided in Chapter 4.
2. Any FBM equipment is configured in a standard configuration provided and defined by the Si.
3. Without explicit permission of the Si users do not have the right to:
   1. move equipment without informing the Si (except laptops),
   2. add or remove components (hardware or software)
   3. install any software that does not comply with the directive on software and equipment used in the FBM / within the Department / Service / Institute or for which the user does not have a proper licence.
4. The Si provides full support for all FBM equipment:
   1. help using FBM / UNIL softwares.
   2. installation and configuration of equipment for everything related to the business use;
   3. repair and troubleshooting (hardware and software);
   4. loan service if equipment available.
5. Any exception (full or partial agreement administrative rights, different software configuration than the standard expected, etc..) requires prior approval, decided jointly between the department head or Service Manager, the supervisor and the representative of the Si of the concerned entity. Valid reasons for such authorization are for example :
   1. software that requires administrative rights to operate;
   2. non-standard equipment where the Si does not have the skills to manage it;
   3. computer scientist or a person with equivalent profile in the requesting unit to which the Si delegates complete or partial management of computers.
6. In case of the agreement on an exception, the Si reserves the right to adjust the level of support offered.

1. Software purchased or offered by the Si reflect the realities of management optimization, compatibility and cost.
2. It is forbidden to install the same software on multiple computers by indicating only one license. Copying software is illegal.

1. The terms of access to computer equipment are defined by the Computer Center of the University of Lausanne. Usernames and passwords are issued on a personal basis. They are strictly confidential and must not be disclosed to third parties. Are prohibited:
   1. the installation of software to find the passwords of other users;
   2. to use the username and password of another user;
   3. make unauthorized intrusions on servers of the Si;
   4. neutralize and/or modify the parameters of the security installed
2. Users shall take all measures to prevent any unauthorized use of their computer account.
3. In all cases, the user is responsible for the use of his personal account.
4. To ensure the confidentiality of its data, the user sets a password in compliance with the latest safety practices and changes it every two years at least.
5. Remote access to computers by the Si requires the prior consent of the user.
6. At the departure of the user, unless otherwise agreed by the Si, all FBM acces granted are deleted immediately.

1. The data resulting from the work of employees remain the property of the UNIL, respectively FBM.
2. The Si, in partnership with the Computer Centre of the UNIL, provides a central repository of data.
   1. Each user has a home directory accessible by itself and / or a directory accessible only by group members or the work unit.
   2. Only professional data can be stored on the server directories or other central resources. Duplication should be avoided and the directory must be purged from stale data.
   3. The Computer Centre UNIL defines the modalities of data protection and data backup.
   4. The Si defines the access permissions to data in accordance with the department head or delegate.
   5. The Si disclaims any liability for the availability, security, integrity and completeness of data, interruption of service or any other unforeseen incident beyond the safeguards and protection established by the Ci.
   6. User agrees that any data not encrypted and stored on the server can be read by some employees the Si and the Ci. The list of access rights may be requested to the Si.
3. For any information stored outside the central repository or a central server of the Si, no warranty is given about the availability, security, integrity and backup of the data stored.
4. In cases where the intervention of the Si requires the backup data or other information, the Si is committed to:
   1. respect the privacy and confidentiality of data;
   2. destroy data stored after a period of three months;
5. At the departure of a user, the latter:
   1. ensures to sort its data and save it on the central repository;
   2. agrees that any data left or saved locally on the UNIL or FBM equipment will be removed after his departure;
   3. agrees that the Si transmits any data left on a server or other central resources, whatever the level of confidentiality, for evaluation from a supervisor who may dispose of it freely or ask the Si for its removal.

1. The equipment provided by the Si are dedicated to professional or academic use.
2. It is recalled that the possession, display or dissemination of any computer data owned by third parties is protected by the LPD (loi fédérale sur la protection des données du 19.06.1992).
3. Limited personal use is allowed provided it meets the following conditions:
   1. it does not alter the physical and logical configuration of the equipment,
   2. it does not result in direct costs for the FBM,
   3. it does not interfere with the student's work, the employee and his colleagues,
   4. it does not affect the interests and image of the FBM,
   5. it does not overload significantly equipment available and those of other users connected to FBM resources.

1. In case of non-compliance with this charter, the Si may request
   1. suspend its support,
   2. reinstall with a standard configuration the equipment concerned
   3. denounce the use that does not comply with rules.

1. The user (student or employee) that does not meet the above rules may be subject to administrative measures taken by the Directorate of the Department / Service / Institute. These measures are related to the seriousness of the offense, are reserved under the provisions of reference texts mentioned in Chapter 3.
2. Following misuse of computer equipment, fees are charged by third parties to the FBM, the latter reserves the right to require the author of the misuse to reimbursement these expenses.

1. In case of conflict between regulations, directives and regulations of the UNIL prevail.
2. Any update of this charter requires the approval of the Department Director or Manager, the Dean's Office and the head of Si.

0.0 2017-11-07