User policy and terms of usage for Pouta Services - Services for Research
User policy and terms of usage for the Pouta Services
Providing services to others from the Pouta services
- Users are reminded that the Pouta services must only be used for the purpose agreed in their User/Resource application or other agreement concerning the use.
- The Pouta services can only be used to provide services for academic research and education by Finnish universities, polytechnics and research institutes, unless agreed otherwise.
Access for 3rd party technical assistance and support
- Users may request additional CSC user accounts for technical specialists to operate, manage or configure their resources if it assists with the agreed purpose of the project.
- In cPouta virtual machines (VM) can be directly connected to the Internet. The user is responsible for the security of their VMs.
- In ePouta virtual machines are connected to the user site's infrastructure via a Virtual Private Network (VPN). The user is responsible for the security of their VMs and their own site's infrastructure. CSC is responsible for the security of the hypervisors and other data center core infrastructure. Responsibilities for network connectivity are defined in the respective contract(s) for these services.
- Users are responsible for managing their access control lists, firewalls, user accounts and all other access control methods.
- Users are responsible for maintaining operating system and applications security. We recommend applying all applicable security updates automatically or otherwise at regular and well managed intervals.
For CSC recommendations on how to implement these requirements see the chapter Security guidelines for cPouta . These instructions are applicable both to cPouta and ePouta.
Content and data management responsibilities
- Content means any data you upload to the service or create using the service. This includes virtual machine images, snapshots and volumes.
- Most Content is not backed up and it is the customers' responsibility to manage their Content. The servers providing the service and user metadata are backed up so we can restore the service in case of failures. However all the places where users can store data including Volumes, Virtual machines and Ephemeral storage are not backed up. It's the users responsibility to make backups of data as needed.
Access to User Content
- Scanning of virtual machine images for prohibited applications.
- Scanning the listening network ports of active virtual machines.
- CSC has the right to do passive network monitoring for intrusion detection (IDS) purposes. This monitoring can occur without suspicion of intrusion.
- Users are reminded to consider the design and reliability of the Pouta services, familiarize themselves with the Service Level Agreement for cPouta and ePouta and plan accordingly.
- User virtual machines or data can be lost or corrupted due to hardware failure, system error, administrator error or user errors.