User policy and terms of usage for the Pouta Services

This section describes additional terms and examples specific to the cPouta and ePouta services. Please also read General Terms Of Use for CSC's Services for Science ("TOU"). By using the Pouta services you are agreeing to BOTH.

Providing services to others from the Pouta services

  • Users are reminded that the Pouta services must only be used for the purpose agreed in their User/Resource application or other agreement concerning the use.
  • The Pouta services can only be used to provide services for academic research and higher education by Finnish universities and polytechnics, unless agreed otherwise.

Access for 3rd party technical assistance and support

  • Users may request additional CSC user accounts for technical specialists to operate, manage or configure their resources if it assists with the agreed purpose of the project.

Security responsibilities

  • In cPouta virtual machines can be directly connected to the Internet. Customer is responsible for the security of their VMs.
  • In ePouta virtual machines are connected to the customer site's infrastructure via a Virtual Private Network (VPN). Customer is responsible for the security of their VMs and their own site's infrastructure. CSC is responsible for the security of the hypervisors and other data center core infrastructure. Responsibilities for network connectivity are defined in the respective contract(s) for these services.
  • Users are responsible for managing their access control lists, firewalls, user accounts and all other access control methods.
  • Users are responsible for maintaining operating system and applications security. We recommend applying all applicable security updates automatically or otherwise at regular and well managed intervals.

For CSC recommendations on how to implement these requirements see the chapter 2.3 Security guidelines for cPouta . These instructions are applicable both to cPouta and ePouta.

Content and data management responsibilities

  • Content means any data you upload to the service or create using the service. This includes virtual machine images, snapshots and volumes.
  • Most Content is not backed up and it is the customers' responsibility to manage their Content. The servers providing the service and user metadata are backed up so we can restore the service in case of failures. However all the places where users can store data including Volumes, Virtual machines and Ephemeral storage are not backed up. It's the users responsibility to make backups of data as needed.

Access to User Content

General Terms of Use for CSC's Services for Science state that CSC can access content. Specifically for the Pouta services:

  • CSC has the right to scan or monitor Users Content for security vulnerabilities, violations of our terms of use, or to perform anonymised analysis of workloads, for example by:
    • Scanning of virtual machine images for prohibited applications.
    • Scanning the listening network ports of active virtual machines.
  • CSC has the right to do passive network monitoring for intrusion detection (IDS) purposes. This monitoring can occur without suspicion of intrusion.
  • CSC has the right to disable any or all of a Users instances or network connections if we suspect an ongoing security violation or a violation of our Terms of Use.

User risks

  • Users are reminded to consider the design and reliability of the Pouta services and plan accordingly.
    • The Pouta services alone are not suitable for hosting mission critical applications.
    • User instances (virtual machines) can be lost or corrupted due to hardware failure, system error, administrator error or user errors.