Academic Software Funding & Acquisition Guidelines
Acceptable Use Policies for Information Technology Resources
Backup and Recovery Policy
Computer Account Disabling Policy
Computer Allocation Policy
Computing Safely
Desktop Computer Support Policy
Disaster Recovery Policy
Email Policies
Engineering Computer Account Policies
IT Usage Guidelines and Good Practices

Linux Temporary Storage Policy (/var/tmp)
Network, Security, and Cabling Policies
Passwords - What you need to know
Personally Owned Computer Support Policy
Printer Support Policy
Software Installation Policy
Windows Patching Policy

Academic Software Funding & Acquisition Guidelines

Funding Source

Academic software capital purchases and annual software maintenance costs are funded by the student technology fee. The software maintenance budget is divided into system software (operating systems, compilers, backup software), utilities (FastX for Windows, Ghostview, Acrobat), non-engineering-specific software including productivity tools (Visual Basic, Microsoft Office, Java), and commercial educational software (e.g., Pro/E, Matlab, ChemCAD).

Guidelines

ECS will fund 100% of purchase costs of new academic software up to a budgeted maximum per year for all new purchases. ECS will consult with the dean to set priorities when requests exceed the budget.  ECS will fund 100% of the annual costs for all academic software that is less than the cost per launch budget threshold. ECS will not fund any costs for software that is greater than the cost per launch budget threshold.

There will be a trial period for new software not to exceed one year from the date of installation of the software. During this time, the usage threshold requirement for funding will be suspended. If the software exceeds the cost per launch budget threshold for the year following the trial period, ECS funding will be discontinued.

Departments can opt to provide 100% of funding for software that does not meet the cost per launch budget threshold. ECS will manage license negotiation and purchase additional licenses for academic software on maintenance when usage warrants. 

Cost per Launch Software Budget Threshold

ECS will collect launch count data for installed software applications. These data will be combined with the annual maintenance cost for each application to create a cost per launch for each year. The cost to maintain an application includes both the annual cost of maintenance or lease and the dollar value of the staff time required to install and support the application. All supported software will be sorted from low to high cost per launch and a running total calculated for the cost to maintain software.  A cost per launch budget threshold will be set at the point when the running total for the cost to maintain exceeds the annual budget for software support. 

ECS will provide DEOs with software usage data for applications that do not qualify for ECS funding.

Research Use

The cost-share model applies to the educational portion of any license agreement. When there is a differential cost between an educational version and research version of a software package, the ECS contribution will cover only the cost of the educational version. Departments and researchers interested in the research version must cover the purchase and annual cost differential.

Commercial Educational Software Acquisition and Installation

In order to maintain a secure and productive computer environment, software must meet the following guidelines to qualify for a network install and ECS funding.

  • Annual maintenance must be purchased for all commercial software. Annual maintenance must include phone support.
  • Software must be able to run as an ordinary user (i.e., not as Administrator).
  • Software must support network licensing and must be able to be run from any machine on the College network.
  • Enough licenses must be purchased to adequately support the class (or classes) in which the software will be used. The College recommends purchasing a number equal to at least 20%-25% of the maximum number of students in the class (or classes) or a number equal to the number of seats in the 1245 SC electronic classroom (33).
  • Department(s) using the software are responsible for any reporting requirements (e.g., Ansys requires an annual usage report).
  • Software must be compatible with the supported engineering lab load to be installed on the college network.

If a purchased package does not meet these guidelines, ETC will not install it on the network. Such software may be installed on an individual faculty machine or in a research lab.

Annual Software Renewal and Installation

Academic software renewal processing coincides with budget planning for the new fiscal year. New funding requests will be accepted beginning March 1 and until the funding for that year is exhausted.

Donated or no cost software will be handled in the same manner as purchased software.

In general, the sooner ETC receives the software, the more likely it is that the install will be completed prior to the start of the next semester. Requests will be processed in the order they are received. Queue order may change if the requesters agree to the change.

Guidelines for Software Removal

College software launch data will be compiled immediately following the spring semester.  DEOs will be notified of software that no longer qualifies for ECS funding. Software that does not get alternate funding will be removed from lab, classroom, and other public workstations prior to the start of fall classes. In addition, ECS will not maintain retired software that remains on individual faculty or research machines. New OS loads will likely render retired software inoperable.

Installation Requests

The Software Installation Policy includes the deadlines for requesting software for installation on the ECN or the laptops used in SC.

Acceptable Use Policies for Information Technology Resources

Scope

All college of engineering students, non–engineering students taking an engineering course, and faculty and staff, including complimentary appointments, are given an engineering computer account while they are associated with the college. This account gives a user access to information technology resources provided by the college. In addition to account holders, visitors who use information technology resources that belong to The University of Iowa or the college of engineering are covered by this policy.

The scope of the terms “user” and “information technology resources” are defined in the UI Acceptable Use of Information Technology Resources policy.

All users are responsible for knowing and abiding by the guidelines and responsibilities set forth in the University of Iowa's Policy on Acceptable Use of Information Technology Resources (AUP) and this document.

Account Owner Responsibilities

Beyond the requirements of the UI AUP, the following additional responsibilities are in effect for anyone accessing the College of Engineering information technology resources. Users should:

  • Use the computing resources solely to pursue the educational mission of the College of Engineering and in an efficient, ethical, and legal manner.
  • Contribute to a working environment that encourages effective study and work for all users. This includes, but is not limited to, an environment free from loud talking, the playing of loud music, sound from computer games, offensive graphics on computer screens, and graphic or vulgar language and gestures that demean individuals.
  • Maintain the integrity and security of your account by keeping your password confidential. Report any suspected unauthorized access to your account and change your password immediately. Maintain the privacy of your account by not loaning it to anyone.
  • Abide by the “Usage Guidelines” below and Guidelines and Good Practices to maintain equitable use of the resource for all users.
  • Use college-provided commercial software to support the educational and research mission of the College of Engineering. 
  • Adhere to software licenses and those requirements as referenced in University AUP and software licensed to the College of Engineering on college- or personally owned computers.
  • Appropriately use software that is subject to ITAR and similar government restrictions

ECS Responsibilities

As a provider of computing services, ECS is responsible for delivering a reliable, effective, and secure computing environment. ECS will provide the following:

  • Reasonable safeguards against unauthorized access to your account.
  • Data recovery in the case of of ECS-managed equipment failure that results in a loss of information.
  • Access to the computing resource 24 hours a day, seven days a week during the semester to the best of our ability.
  • Regular upgrades of hardware and software to support the college's computing needs.
  • User assistance and consulting support on use of the computing facilities.

Guidelines

The IT Usage Guidelines and Good Practices describe specific practices expected at all times. ECS may take action when these guidelines are violated.

Users are encouraged to report suspected violations of this policy to the College of engineering Chief Technology Officer or the Director of Desktop Services.

Implementation

ECS will make every effort to evaluate individual user actions on a case-by-case basis. If a particular program or process is unduly reducing the availability of network resources, or is creating a disruption in the study climate of a facility, then this activity is subject to actions that will restore service to the larger community. Specifically, steps will be taken to protect the files of users and to maintain sufficient processing resources to allow persons to access and perform work with their accounts. Actions taken will be determined by current system load on the network, severity of the offense, previous misconduct history by an individual, and any extenuating circumstances. Actions may include, but are not limited to, email notification of the situation, requests for clarifying information, termination of processes, and account suspension.

Related Policies

The operation of engineering network and computing facilities shall be in accordance with the University of Iowa's Policy on Acceptable Use of Information Technology Resources. The UI policy covers security of computing resources and accounts as well as individual privacy and the limitations thereof.

Backup and Recovery Policy

Server and User File Backups

The Engineering Computer Network (ECN) as administered by Engineering Computer Services (ECS) includes file backup and recovery services for 1) the files servers run by ECS, 2) home directory and share directory files for any user account, and 3) local hard drives of ECS-administered computers, as described below.

1) Server backups of ECS and external client machines are described in the Disaster Recovery Policy and are not applicable to user files. Backups are created for disaster recovery only.

Server backups comply with the UI data backup policy.

2) Network Files. On Windows computers, older copies of home directory (and share directory) files are available by selecting a previous version of the document. You can restore modified as well as deleted files. See Previous Version for how to recover older versions or deleted network files.

Because user files are stored on a Windows file server, there is no Linux equivalent of Previous Versions. Linux users must login to a Windows computer to restore an older version or a deleted copy of a document.

3) Local hard drives of ECS-administered Windows computers (computers that ECS has named D-xxx.engin.uiowa.edu), including CCAD computers, are backed up. A backup of user files on C and the entire D drive is done three (3) days per week. To have a local file restored from this sort of backup, use the file restore request form. These restores are handled by ECS.

Compliance

The Engineering College complies with the UI data backup policy.

Computer Account Disabling Policy

All Engineering computer account holders must abide by the Acceptable Use Policy as well as other pertinent policies and guidelines. When ECS is notified of the following sorts of violations, the computer account may be disabled.

Disabling an Account without Prior Notice

A user’s computer account can be disabled by changing the password without notifying the user for the following reasons:

There is evidence of activity that violates federal, state, or local law as enumerated in UI Acceptable Use Policy (AUP) Section 19.4.J.
The account shows activity that critically affects other's use of the system (e.g.,  security risk, network performance degradation, account break-in). See UI Acceptable Use Policy Section 19.4.

Process

  • Make a determination that immediate disabling of the account is necessary according to the reasons listed above.
  • Get authorization from ECS director. If approved, change account password. If it is not possible to get authorization, make a determination based on the seriousness of violation.
  • Notify all ECS staff. If appropriate, notify external personnel (e.g., ITS security, campus security).
  • Unless the situation warrants secrecy or has been turned over to external personnel, a designated ECS staff person will contact the user, explain the situation, and schedule a face-to-face meeting.
  • Following the face-to-face meeting with the user and receiving reasonable assurance that the user understands the situation and will modify account usage, re-enable account.
  • Repeated or serious violations of the UI AUP or Engineering Acceptable Use Policy can be referred to the appropriate disciplinary body for faculty, staff, or students as defined in the UI AUP Section 19.5.

Notifying User of Inappropriate Computer Activity

In the following situations, the designated ECS staff person will notify a computer account holder who is in jeopardy of his/her account being disabled.

  • The user has violated the UI AUP, Engineering AUP, or any other relevant AUP.
  • The use of the account poses some security risk.
  • The account activity has contributed significantly to some threshold of network performance degradation.

Process

  • Notify the user of situation (by email and/or phone).  Explain how to modify the offending activity, or ask the user to come into the office for an explanation. Set a cutoff date after which time ECS will inactivate the account.
  • Depending on the seriousness of the offense, attempt to contact the user more than once and using multiple avenues (e.g., email, phone, letter) before disabling the account for non-responsiveness or failure to modify usage.  If the user does not respond , disable the account on the cutoff date.
  • Following a face-to-face meeting with the user and with reasonable assurance that the user understands the situation and will modify account usage, re-enable the account.
  • Repeated or serious violations of the UI AUP or Engineering AUP can be referred to the appropriate disciplinary body for faculty, staff, or students as defined in the UI AUP Section 19.5.

Computer Allocation Policy

Eligible Faculty and Staff

People eligible to receive allocated computers are in one of three categories:

  •    Voting faculty
  •    Permanent staff with a 50 percent or greater appointment and that report through the Dean’s Office (Finance, ECS, CTC, EDPC, EES, ESS). Not in this category include staff in CCAD, CGRER, IIHR, and research units.
  •    Others as designated by the Dean’s Office

Program

The goal is to provide faculty and staff with office computers that are no more then five (5) years old. The computers are configured to be appropriate to the tasks and responsibility of the faculty or staff member. The actual number of computers replaced annually will depend on the funds allocated by the college and the number of faculty and staff participating in the program.

Renewal Cycle

The cycle is annual, usually beginning in December.

Allocated Computer

This policy allocates and replaces only ECS-administered desktop computers. No portables or servers are allocated, and no substitutions of the hardware model are allowed.

Because these computers are meant to help employees be productive, the computer must be in the individual’s primary office for use by the employee. When the individual to whom a computer was allocated leaves the college, no longer uses the allocated computer, or prefers to use a locally administered the computer, the computer returns to the college for reassignment. Faculty that opt out of the college computer renewal program must return the college-allocated computer if one was assigned to them and are not eligible to rejoin the program for one year.

Groups

The eligible faculty and staff form six groups: the five academic departments (BME, CBE, CEE, ECE, MIE), and the rest of the eligible staff. For allocation purposes, the administrative support staff of a department are treated as members of that department. Faculty may opt out of the program, reducing the size of the eligible group for that unit. When a faculty member opts out of the program, he/she is assigned inactive status. Faculty on the inactive list for at least one year can rejoin the annual renewal program during the next renewal cycle.

Allocation

As long as funding allows, the number of new computers available for each group will be equal to the number of computers that will be five years or more old at the renewal time. Each year college administration will inform the unit managers/directors of the number of new computers allocated to their unit. The renewal computers will replace the oldest computers in the group in any given year.

Computing Safely

Security

ECS is very security conscious and enforces procedures beyond what other IT shops on campus impose. One result is that the ECS staff has spent much less time than other IT staff recovering from security breaches. Because the number and intensity of break-ins (mostly on Windows computers) continue to increase, new security precautions will, no doubt, be instituted as necessary. Self-administered machines are subject to some additional restrictions as noted below. Here are some of the measures we use to improve the safety and availability of the computing environment in the College of Engineering.

  • Passwords must meet College of Engineering password policies.
  • Block email known to contain a virus or suspected as spam. When ECS knows of an alert about a specific virus being spread via email, messages from offending addresses are rejected. Mail sent from known spam sites is rejected and not delivered.
  • Change email attachment names. Email attachments that have an extension that is known to be problematic (associated with the spread of a virus) are renamed to filename.ext.virus-scan-me.virus-scan-me. Messages identified as being infected are put into a mail folder called Virus_Quarantine and any attachments to such messages have a suffix “I-AM-A-VIRUS.I-AM-A-VIRUS". For details about this service, read Dealing with Viruses.
  • The college has made available the virus-scanning software Symantec Endpoint Protection. It scans files as well as provides anti-spyware protection. On administered computers, go to Start | Symantec Endpoint Protection | Symantec Endpoint Protection to see the status of your computer, change the scan settings, or view a list of quarantined files. To scan a directory or file, set up a custom scan.
  • Authenticate before sending mail if on non-secure network. You must authenticate with a secure connection to the mail server to receive and send email. This requirement keeps people outside our network from using your computer to relay mail from and to other sites.
  • Connect with secure (SSH) connection. You cannot use telnet or rlogin to connect to a computer on the engineering network because those two protocols are not secure. You must connect with an SSH (Secure SHell) connection, either SSH2 (more secure) or SSH1.
  • Limit incoming traffic on some networks. Self-administered machines that are not servers cannot receive incoming traffic. To run a server on a less secure network you must apply using the Server Request Form and agree to manage the computer in a way that maintains its integrity and security.
  • Since December 2010, connections using Remote Desktop must be secure. You can use the Junos Pulse VPN to create a secure connection before launching Remote Desktop.

What You Can Do about Security

ECS runs a network that is as secure as reason and requirements allow. Most actions that make a computing environment secure are things that individuals do, not the efforts of the system administrators. Here are several things that users can do to maintain security.

  • Don’t leave passwords visible. If you must write down account passwords, do not leave those passwords where they are visible to others.
  • Don’t tell others your password(s). Passwords are meant to protect the information you have access to. If you have access to confidential data from a University, departmental, or private database, that confidentiality can be compromised by giving another person access to your account by sharing your password.
  • Screen lock your computer when you walk away from it. Locking your screen when you leave your computer unattended prevents others from using your computer account. On a Linux workstation, select Leave | Lock from the K/Start menu to lock your workstation. On a Windows computer, press Ctrl + Alt + Del and select Lock Workstation.
  • Log off or lock your computer at end of day. Just as you lock your screen when walking away from your computer during the workday, doing so at night is as important. One advantage to logging off when you leave is that on ECS-administered machines, ECS installs remotely (without being on your computer) operating system patches, and new versions of virus scanning files and software. This work, typically done on weekends late at night, proceeds more quickly and smoothly if you are not logged into your account.
  • If your computer is self-administered, you are responsible for providing much of the security that ECS provides for ECS-administered machines. Regularly update the virus definition file; install software patches as necessary; pay attention to information about security holes in the operating system you use. If ITS or ECS finds that a self-administered machine has been compromised, it will be disconnected from the network until the administrator has fixed the problem.
  • When working remotely, use a secure connection to get to your files. Use FileZilla to transfer files or Junos Pulse VPN to view and transfer files.

Desktop Computer Support Policy

Rationale

ECS strives to provide a secure, highly functional, consistent environment across all platforms. This functionality can best be supported when the hardware and software remain consistent across the college. This support model has enabled us to provide superior service and functionality (e.g., home directory service, password synchronization across all platforms, backups).

The University of Iowa requires that each campus unit be able to verify that computers in its domain are appropriately patched, have anti-virus software installed with updated virus definition files, and comply with the enterprise password policy.

While ECS recognizes that the standard base load or limitations of college-managed systems may not meet the needs of all faculty, University regulations now require a level a management for all computers. This policy aims to provide a support model for faculty who choose to administer their own machines and those who want a managed environment.

Eligibility

All desktop computers on the Engineering Computer Network must participate in one of the programs described below. Windows, Macintosh, and Linux computers are covered by this policy.

For all of the options below,

  • Computer is joined to a domain, usually Engin but can be Iowa
  • Management agent is installed to handle machine inventory, operating system (OS) and software updates
  • Password tool is enabled, allowing user to use Hawk ID and password to set engineering password
  • Microsoft Office, Matlab, Firefox, Flash, Shockwave, and Java are installed
  • Locally Administered and Research Computers

Option 1 - Minimum support - no charge

Fee: none

Benefits:

  • The computer must be joined to the uiowa forest unless the owner can demonstrate how they will enforce university password policies and there is a compelling case that forest membership will result in operational problems.
  • The owner is given a local admin account for administering the machine.
  • The owner is responsible for obtaining, installing, and maintaining all software without any support from ECS. No software licensed through the College of Engineering or the UI will be made available through ECS.
  • If it is viable ECS will install a software agent to ensure compliance with University policies.
  • The owner is responsible for any interactions with the vendor for warranty support.
  • Engineering Help Desk will provide basic support at no cost, but for more complex issues will charge time and materials.

Option 2 - Intermediate support

Fee:  $250 one-time for the life of the computer

Benefits:

  • Computer can be joined to Iowa domain.
  • The owner is given a local admin account for administering the machine (upon request).
  • Additional application software available from the various Engineering application pools is installed on request provided that no special research license is required.
  • Engineering IT staff will install research versions of Engineering supported applications upon payment of the relevant license fees.
  • Engineering IT staff will help the owner with software installs on request.
  • Engineering IT staff will deal with the vendor for any warranty support.
  • Engineering IT staff will create system restore image (upon request).

Option 3 - Full support with backup

Fee:  $25 per month for the life of the computer

Benefits:

  • Local drive backup.
  • Benefits #3-6 from Option 2 above.
  • Engineering IT staff will provide troubleshooting and general assistance with software and hardware problems.
  • Engineering IT staff will attempt to minimize any downtime related to equipment failure or software issues.
  • Engineering IT staff will reload operating systems and applications as necessary and keep them current.
  • Locally administered computers can be added to the Engineering Computer Network by filling out the Request for an Additional Network Connection form.
  • Local computer administrators must follow University policies and standards as per the (ITS) Network Citizenship Policy as well as local policies in the Checklist for Locally Administered Computers.
  • The computer should be directly connected to the network and not behind a router.
  • If the system is compromised, the computer will be disconnected from the network until the OS has been reloaded and the vulnerability patched. ECS will try to notify individuals prior to a network disconnect.

Best Practices for all Locally Administered Machines

  • Install software and data on the local data drive.
  • Turn on automatic updates for applications. 

Benefits to Local Administration

The individual can install his/her own software and external hardware.

Drawbacks to Local Administration

Computers are more susceptible to denial of service and root access attacks than ECS-administered computers.
ECS support for diagnosing and resolving software conflicts may incur a charge.

ECS Administered Computers

ECS installs, maintains, and manages all hardware and software on the system. Computers are rebooted early Sunday morning if there are operating system patches or software updates. Daily backups of the local hard drives are done automatically by ECS. The computer is connected to a secure network. Hardware and software purchased by the College are under warranty.

Individuals cannot install their own software or hardware. ECS will install hardware or software purchased by an individual; there is no charge for that service. Purchased software must be compatible with the supported OS. ECS will make every reasonable effort to resolve conflicts between purchased software and the OS.

Computer Naming Convention

ECS administers collegiate, departmental, teaching lab, and institute-owned computers under the following plans. Collegiate, department, teaching lab, and research lab  computers are in the Engin domain.

Collegiate Computers

Collegiate computers are named D-COExxx, and are purchased by the Dean’s Office. There is no fee associated with D-COExxx computers. They receive complete support, including local hard drive back up. These computers are replaced every 5 years.

Department Computers

Department computers are named D-nnnxxx where “nnn” is the department abbreviation; e.g. D-MIE007. Fee includes local hard drive backup.

Teaching Lab Computers

Teaching lab computers are named T-nnnxxx where “nnn” is the department abbreviation; e.g. T-ECE007.

Research (Lab) Computers, Full support

Research lab computers are covered under option 3 above and are named R-nnnxxx where “nnn” is the name of the lab; e.g. R-ECE007.

Others

Locally administrated and research lab computers covered by options 1 and 2 above are named (option 1) N-nnnxxx where “nnn” is the name of the lab; e.g. N-ECE007; and (option 2) E-nnnxxx where “nnn” is the name of the lab; e.g. E-ECE007.

Disaster Recovery Policy

This contingency and disaster recovery plan describes the College of Engineering Computer Services (ECS) computer environment that has been designed to prevent incidents and anticipate easy recovery from a disaster destroying all or part of the facilities. This plan is applicable to all College of Engineering Computer Services staff responsible for managing critical facilities, including server hardware, software, and data. The ECS director serves as the administrator of the core server infrastructure for the College of Engineering. In the case of an incident or disaster, the ECS director serves as the Recovery Manager.

The goals of this disaster plan are to:

  • Provide for the safety and well-being of people on the premises at the time of a disaster;
  • Continue critical business operations;
  • Minimize the duration of a serious disruption to business operations and resources;
  • Minimize immediate damage and losses;
  • Ensure organizational stability;
  • Ensure orderly recovery.

Causes

Situations that can interrupt or destroy computer, network, or telecommunication services occur under the following major categories:

  • Environmental failures include interruptions by fire, steam, flooding, and weather, of the air conditioning and electrical systems.
  • Hardware and software failures and malfunctions.
  • Application failures caused by sabotage, system malfunction, or an interruption of the computing infrastructure.

Recovery depends on the severity of the failure. This plan covers strategies for both partial and full recovery of critical and non-critical applications and data.

Who Is Affected

ECS staff, guided by the ECS director, handles the work of recovering from a disaster. Faculty, staff, and students in the College of Engineering may be affected by a disaster, as well as clients with equipment or data that is managed by ECS.

Disaster Planning

Prevention
Disaster prevention means reducing the impact of problems by minimizing recovery time and effort to keep an incident from escalating into a disaster. Preventive measures strive to decrease recovery time, as well as reduce the probability of a catastrophic event and reduce its impact.

Prior Planning
In preparation for a disaster, ECS

  • Has configured a virtual server environment that can suffer the loss of up to two host servers without loss of service. Servers and data storage devices are configured to recover automatically from errors and disruptions.
  • Can perform a restoration from the ground up.
  • Can restore a fully patched and compliant computing environment.
  • Provides central controls (e.g., virus blocking, port blocking) when applicable.
  • Identified other work units that would be affected if the incident were to spread.

ECS has documented the following:

  • Identified person(s) with the authority to declare a disaster (see “Recovery Manager”).
  • Identified multiple staff capable of restoring IT services (see “Recovery Manager”).
  • Process for retrieving backed up data.
  • Procedure for the annual review and testing of the plan, including educating appropriate staff to ensure they are aware of and understand the plan.

Security
Security for data involves protection from damage or attack, being stable, reliable, and free of failure. Securing information is guaranteeing its confidentiality (levels of privacy), integrity (being complete and true), and availability (being accessible).

Physical Protections

ECS has set monitors to detect to following conditions in the server room, network entrance facility, and disaster recovery site:

  • Fire or smoke
  • Overheating or lack of sufficient cooling
  • Power interruption
  • Server malfunction
  • Change in network operations
  • External (network) attack, network intruder(s)
  • Fire detection and suppression

When a monitor detects any of the above fault conditions, the system calls and sends email to the ECS director and the sysadmin staff.

The ECS server room, entrance facility, and disaster recovery site have:

  • Backup power with uninterruptible power supply backed by a diesel generator*
  • Heating, ventilation, and air conditioning controls
  • Secure doors and windows, and facility space
  • Video surveillance, intruder alarm systems, and motion sensors
  • Access control logging
  • Two-factor authentication required for entry: physical key and code

Technical Redundancies

  • Virtual servers configured to automatically take over the functions of a failing server.
  • Sysadmin staff receives on-going cross training.
  • Key employees have cell phones and Internet access from remote location.
  • VPN to allow key employees to have secure access from remote location.
  • Multiple server and data backups available. (See “Backups” below)
  • A contingency communication plan that assumes normal electronic communications, including telephones, will not work.

Backups

All systems are backed up periodically as described in the ECS Backup and Recovery Policy. Physical access to backups is restricted by access control and password security. Physical access to off-site storage is restricted by access control.

Emergency Procedures

Decision-Making Process - During an Incident or Disaster

In the case of an attack or emergency, the Recovery Manager or designated staff will:

  • Report the attack to the University IT Security Officer.
  • Block or prevent escalation of the problem, if possible.
  • Preserve evidence, where appropriate.
  • Change affected account passwords as necessary.
  • Change the status of accounts as necessary.
  • Stop the service, if necessary.

Recovery Manager

The ECS director shall be the Recovery Manager, who is the primary person expected to carry out the following basic roles after a disaster situation has been declared by the designated authority. The secondary person shall be the first available first responder from the sysadmin group.

The Recovery Manager will direct coordination, restoration, and communication activities. This manager makes command decisions as related to the disaster within the scope of the area, and is essentially in charge of the disaster recovery. S/he works with other staff and/or outside vendors to restore computers, or other technical systems, to a functionality needed for the area to operate, at a minimum, its critical services. S/he also handles communication with departmental staff and outside entities.

Actions
Equipment and Data Protection

Servers and storage devices are configured to automatically switch to another server or storage devices in the case of failure. If the disaster is caused by water, the designated staff will verify that the operations of the affected server or storage device have automatically moved to other equipment.

Data are protected by the security protections and back up policy described in the “Prevention” section above.

Damage Assessment

The Recovery Manager or designate should evaluate damage to the computing equipment, structure, electrical system, air conditioning, and building network. One part of a damage assessment is specifying what equipment must be replaced and in what order replacements will be done. Estimates of repair time should include ordering, shipping, installation, and testing time. After the assessment, the Recovery Manager should estimate and communicate when computing functions are likely to return to normal.

Emergency Procurement

The Recovery Manager is responsible for evaluating the necessity of purchasing replacement equipment. The Purchasing Department at the UI will determine the best source for the quick acquisition of hardware and other equipment.

Recovery

The servers and data storage devices are configured to automatically recover from errors. Should manual intervention be required, the process is known by several from the sysadmin staff and documentation is kept in the Server Room Operations Manual.

Information Sources

These documents include information on servers, storage devices, software, customers and services, and operating information relevant to the Engineering Computer Network.

ECS Wiki
Server Room Operations Manual
Backup and Recovery Policy (to be reviewed)

* Disaster recovery site in ERF does not have a diesel generator.

Email Policies

All desktop computers on the Engineering Computer Network must participate in one of the programs described below. Windows, Macintosh, and Linux computers are covered by this policy.

For all of the options below:

  • Computer is joined to a domain, usually Engin but can be Iowa
  • Management agent is installed to handle machine inventory, operating system (OS) and software updates
  • Password tool is enabled, allowing user to use Hawk ID and password to set engineering password
  • Microsoft Office, Matlab, Firefox, Flash, Shockwave, and Java are installed

Locally Administered and Research Computers

Option 1 - Minimum support - no charge
Fee: none
Benefits:

  1. The computer must be joined to the uiowa forest unless the owner can demonstrate how they will enforce university password policies and there is a compelling case that forest membership will result in operational problems.
  2. The owner is given a local admin account for administering the machine.
  3. The owner is responsible for obtaining, installing, and maintaining all software without any support from ECS. No software licensed through the College of Engineering or the UI will be made available through ECS.
  4. If it is viable ECS will install a software agent to ensure compliance with University policies.
  5. The owner is responsible for any interactions with the vendor for warranty support.
  6. Engineering Help Desk will provide basic support at no cost, but for more complex issues will charge time and materials.

Option 2 - Intermediate support
Fee:  $250 one-time for the life of the computer
Benefits:

  1. Computer can be joined to Iowa domain.
  2. The owner is given a local admin account for administering the machine (upon request).
  3. Additional application software available from the various Engineering application pools is installed on requestprovided that no special research license is required.
  4. Engineering IT staff will install research versions of Engineering supported applications upon payment of the relevant license fees.
  5. Engineering IT staff will help the owner with software installs on request.
  6. Engineering IT staff will deal with the vendor for any warranty support.
  7. Engineering IT staff will create system restore image (upon request).

Option 3 - Full support with backup

Fee:  $25 per month for the life of the computer
Benefits:

  1. Local drive backup.
  2. Benefits #3-6 from Option 2 above.
  3. Engineering IT staff will provide troubleshooting and general assistance with software and hardware problems.
  4. Engineering IT staff will attempt to minimize any downtime related to equipment failure or software issues.
  5. Engineering IT staff will reload operating systems and applications as necessary and keep them current.
  6. Locally administered computers can be added to the Engineering Computer Network by filling out the Request for an Additional Network Connection form.
  7. Local computer administrators must follow University policies and standards as per the (ITS) Network Citizenship Policy as well as local policies in the Checklist for Locally Administered Computers.
  8. The computer should be directly connected to the network and not behind a router.
  9. If the system is compromised, the computer will be disconnected from the network until the OS has been reloaded and the vulnerability patched. ECS will try to notify individuals prior to a network disconnect.

Best Practices for all Locally Administered Machines

  • Install software and data on the local data drive.
  • Turn on automatic updates for applications. 

Benefits to Local Administration

  • The individual can install his/her own software and external hardware.

Drawbacks to Local Administration

  • Computers are more susceptible to denial of service and root access attacks than ECS-administered computers.
  • ECS support for diagnosing and resolving software conflicts may incur a charge.

ECS Administered Computers

ECS installs, maintains, and manages all hardware and software on the system. Computers are rebooted early Sunday morning if there are operating system patches or software updates. Daily backups of the local hard drives are done automatically by ECS. The computer is connected to a secure network. Hardware and software purchased by the College are under warranty.

Individuals cannot install their own software or hardware. ECS will install hardware or software purchased by an individual; there is no charge for that service. Purchased software must be compatible with the supported OS. ECS will make every reasonable effort to resolve conflicts between purchased software and the OS.

Computer Naming Convention

ECS administers collegiate, departmental, teaching lab, and institute-owned computers under the following plans. Collegiate, department, teaching lab, and research lab  computers are in the Engin domain.

Collegiate Computers

Collegiate computers are named D-COExxx, and are purchased by the Dean’s Office. There is no fee associated with D-COExxx computers. They receive complete support, including local hard drive back up. These computers are replaced every 5 years.

Department Computers

Department computers are named D-nnnxxx where “nnn” is the department abbreviation; e.g. D-MIE007. Fee includes local hard drive backup.

Teaching Lab Computers

Teaching lab computers are named T-nnnxxx where “nnn” is the department abbreviation; e.g. T-ECE007.

Research (Lab) Computers, Full support

Research lab computers are covered under option 3 above and are named R-nnnxxx where “nnn” is the name of the lab; e.g. R-ECE007.

Others

Locally administrated and research lab computers covered by options 1 and 2 above are named (option 1) N-nnnxxxwhere “nnn” is the name of the lab; e.g. N-ECE007; and (option 2) E-nnnxxx where “nnn” is the name of the lab; e.g. E-ECE007.

Engineering Computer Account Policies

All College of Engineering students, staff, and faculty are eligible for an Engineering computer account. All account holders are subject to the College of Engineering Acceptable Use Policy as well as the University of Iowa's Policy on Acceptable Use of Information Technology Resources.

Engineering Student Accounts

ECS creates an Engineering computer account for all incoming engineering students. Use your Hawk ID to log in and get your engineering password.

Engineering student accounts are active while the student is enrolled in the College of Engineering. During any semester that a student is not registered for classes, the account may be temporarily inactivated. Accounts remain active during internships or coop experiences.

Graduation

After graduation, a student account remains active for approximately 14 days after the beginning of the next semester. If you graduate in the spring or summer, your account remains active until 14 days after the start of the fall semester. ECS sends two email notices before inactivating student accounts.

Non-engineering Student Accounts

Any non-engineering student taking an engineering course is eligible for an account for the duration of the semester in which they take the course. The account is inactivated at the end of the semester.

Graduate Assistant Accounts

Graduate assistants teaching engineering classes who are not engineering students are eligible for an account for the duration of their appointment as a teaching assistant. Research assistants who are not engineering students but are working with engineering professors are eligible for an account only if the engineering faculty sponsor has privately owned equipment with which to support the research account.

Faculty & Staff Accounts

All College of Engineering staff and faculty, visiting researchers, and visiting scholars are eligible for an Engineering account for the duration of their employment with the College of Engineering. Access to the computing resource will be terminated 14 days after notification that an individual is no longer employed by the College of Engineering. Inactive accounts will be archived at the end of each fall, spring, and summer semesters. An inactive account is one that has not been logged into for 6 months after the password has expired. Archived files are available for a limited amount of time, not less than 1 year.

Account Disabling

Engineering computer accounts may be disabled for violations of the UI and Engineering Acceptable Use Policies, where there is evidence of activity that violates laws, the account poses a security risk, and other reasons. Why an account can be disabled.

Account Termination

All accounts will be removed six months after the account has expired.

Prepare for No Account Access

To prepare for no longer having an Engineering computer account, please read about account inactivation.

Account Eligibility Questions

If you have questions about account eligibility, please call or visit the Engineering Computer Services main office, 1256 Seamans Center, 319-335-5755.

IT Usage Guidelines and Good Practices

These guidelines describe specific practices expected at all times in private offices or public labs or spaces. Engineering Computer Services (ECS) may take action when these guidelines are violated.

Computing Resources

Computing resources, both physical machines and the virtual computing environment, are made available to support academic computing in the College. To ensure that computing resources are available equitably:

  • On a single shared workstation/computer, confine your access to one interactive session and one background job. You can use one interactive session to check on the status of a background job. 
  • Limit yourself to two concurrent background jobs on the entire network. It is best to start the two jobs on two different machines in order to distribute the load. All background jobs on engineering workstations must be set to run at a low priority.
  • Refrain from running server programs. Executing server programs is expressly prohibited when 1) the program continues to run after you log out; 2) the program is not related to the study of engineering; or 3) the program duplicates services already provided on the network (e.g., a web server). Please consult with ECS staff if this policy negatively impacts academic needs.
  • Use the nice command.

Data Integrity

If you store data outside a network drive, you are responsible for backup.

Email Good Practices

  • Never respond to an email asking for your account information (password). The University nor the college will never ask for your account information via email.
  • If you receive unsolicited email from within the College and prefer not to receive subsequent mailings, speak with the sender and ask that your name be removed from subsequent mailings.
  • If an account owner requests that s/he be removed from mass mailings, honor that request.

Software Licensing

Software that the university or the college licenses for academic or research use may be installed on personally owned computers only if the licensing allows. While it is impossible to enumerate all situations that might require action, these usage guidelines illustrate acceptable conduct. If your situation requires deviation from these guidelines, or you do not know if an activity falls outside these guidelines, please consult ECS staff to coordinate any special requirements. These may include relaxed background job priority, extra process allowances, or extra disk space. Every effort will be made to coordinate with individual users and to accommodate the bona fide needs of study and research.

Computer Lab Guidelines

In order to promote a productive work environment, the following policies are in effect at all ECS IT facilities. Because security of the ECS computer labs, conference rooms, and group work rooms is critical to the success of 24-hour access, you are responsible for secure and orderly use of these facilities at all times.

Authorized Users

Only faculty, staff, and students currently enrolled in engineering classes may use the equipment. If someone who does not have an engineering computer account is discovered using the facilities, s/he may be asked to leave the facility.

Computers Not Being Used

To set the screen lock on a Windows computer, press Ctrl + Alt + Del and select Lock Computer. The screen lock software automatically activates after 10 minutes of idle time. You can be logged in but away from a lab Windows computer for 30 minutes, after which you are logged out. You can activate the screen lock or let the 10 minutes elapse; in either case you remain logged in a total of 30 minutes with no activity. When you move the mouse of a screen locked computer, you’ll see a dialogue box in the middle of the screen and the length of time left before logout at the bottom left.

On Linux workstations, from the K/Start Menu select Leave, then Lock.

ECS staff are authorized to logoff any computer left unattended for an extended amount of time.

Cleaning time

Custodial services have priority during their scheduled time and users are expected to leave the facilities promptly at cleaning time.

Complaints

Please submit any complaints to an ECS staff member, 1256 SC, or send a message to suggestion@engineering.uiowa.edu.

Food, drink, and smoking

Covered cups and mugs for liquids are allowed, but no other food, drink, or tobacco is allowed in the IT facilities at any time. Please leave food and uncovered drink on the tables at the entrances to the labs. Users that are found with food or drink at a workstation may be penalized.

Games

Use of the facilities for academic work always takes precedence over game playing. People using game software may be asked to make that computer workstation available to students waiting to do homework. Limit game playing to those times when an IT facility is not crowded.

Hardware/software problems

Please report any problems you have with software or hardware to ECS staff, 1256 or 1253 SC, 319-335-5055. If equipment in the labs is broken, please don't attempt to fix it. Come to the Engineering Help Desk, 1253 SC, or send email describing the problem and naming the computer involved as soon as possible. Do not turn off the computers.

Noise

Keep the volume of computer speakers and other sound devices to a minimum. Avoid offensive language and loud speech.

Printing

If a printer is out of paper, report empty printer paper trays to a consultant, 319-335-5055, 1253 SC. If no consultant is on duty, send email. If possible, send your file to another printer. If no print options exist, you must wait until an ECS staff member restocks the paper.

Printing Reimbursement

Reimbursement is provided if the printer malfunctions. As soon as you notice a problem with your output from a laser printer, report it to the Engineering Help Desk, 1253 SC. Repeated printing in spite of equipment problems will not be refunded.

Resource Use

Do not leave workstations running programs overnight without permission from ECS staff. If permission is not obtained, the staff is authorized to logoff the workstation.

24-hour access

The Elder and Hering computer labs are never locked, so if you have an engineering computer account, you can use those labs 24 hours a day. The 1245 computer classroom is locked after 9pm week nights and weekend morning and evenings. The 2301 lab is locked at 5:30pm until 7:30am. When the building or rooms are locked, you must use your access card to enter.

Linux Temporary Storage Policy (/var/tmp)

Using /var/tmp, Linux local storage

ECS manages temporary local disk storage, /var/tmp, on Linux workstations. ECS suggests that some packages be run from the local disk storage area because these packages create very large scratch files, which do not fit within quotas and slow network performance when run from your H: drive. The local storage area must be cleaned out for system upgrades, machine failures, or when the disk fills up. You must make your own backups of files on the temporary /var/tmp space.

At the end of each semester (including the summer term) and for system upgrades, performance issues, or a full disk, ECS will remove files from /var/tmp. You must save files that you want stored in /var/tmp before our clean up. If we have to clean out /var/tmp in the middle of a semester because of unavoidable circumstances, those files will not be saved. 

Schedule

/var/tmp will be cleaned out the first working day after grades are submitted to the Registrar for the fall, spring, and 8-week summer sessions, assuming that ECS has not needed to clean up /var/tmp for reasons noted in the paragraph above. The grade due date is published in the University calendar.

 Network, Security, and Cabling Policies

Because students, faculty, and staff in the College of Engineering depend on having the computers and associated networks available, the College of Engineering has implemented the following policies. Stability, reliability, and security of information technology in the College guide the implementation of these policies.

Direct questions about the details of these policies and how they are implemented to the Engineering Computer Services (ECS) office 1256 SC, 319-335-5751.

Acceptable Use

All computer and network users are required to adhere to the University's Information Technology Resources Acceptable Use Policy (AUP) and the Engineering AUP.

Computer Ownership

University-owned computers can be used long term in assigned spaces (offices). Personally owned portables may be connected to the College of Engineering network temporarily and used in unassigned spaces such as labs, classrooms, and public areas.

If you locally administer your computer on the Engineering College Network, you are responsible for the physical as well as the electronic security of that equipment. You must read and sign the Checklist for Locally Administered Computers annually: PDF iconlocally-admin-machine-policy-0213.pdf.

Network Connections

The college provides two types of computer ports: normal and open. A normal port, usually in a faculty or staff office, computer lab, or classroom, is registered to one Ethernet address (the address of the network card in the computer). If the Ethernet address changes, you must notify ECS. A public port allows any Ethernet address but requires that you authenticate to use network resources.

You must register the computer’s Ethernet address and its DNS name with ECS. When a network connection has been requested and approved for a named computer in a specific location, ECS will:

  • Assign a circuit number. The computer’s network port will plug into the wall plate with that circuit number.
  • Assign an IP address to the registered computer. If the computer is changed, the person responsible for that network line must report the change to ECS.
  • Record the name of the faculty or staff person responsible for the computer and the network port. The named person will be contacted regarding all issues involving this computer. These issues include but are not limited to inappropriate use of the computer or the line, security problems, service problems, and billing.
  • Enter the computer name and IP address into the Domain Name Service (DNS).
  • Assign, configure, and activate a network port.
  • Configure any required DHCP service.

Security

All computers connected to the Engineering College network may be scanned for security problems, either by ECS or, more commonly, by ITS. When the security of a computer has been breached, ECS determines if the computer has been compromised. A computer that has been compromised or used for inappropriate purposes (see the AUP) will be disconnected from the network without prior notice. To reconnect a computer to the network, ECS must be assured that all security problems are fixed. ECS may verify that the computer has been properly rebuilt by scanning it.

Cabling

Room to Room
All room-to-room cabling of any type must be installed by authorized personnel. If room-to-room cabling is required or if you have any questions, contact the Engineering Electronics Shop, 2018 SC, 319-335-5760. They can install cable in a fire-safe manner.

Within the Room
No interior room cables may be installed above a false ceiling because of fire safety issues. Cables that do not penetrate the ceiling can be installed by the user.

Domains

All domain name requests must be approved by ECS.

Passwords - What you need to know

Engineering account passwords must include 2 numbers and 2 letters. In other respects our passwords meet the same rules as the Hawk ID passwords.  Engineering account passwords can be changed here

Passwords:

  • must be at least 9 characters long. We encourage a pass phrase of 15 or more characters.
  • must include 2 numbers and 2 letters. We encourage using at least one non-alphanumeric character.
  • cannot include any 4 consecutive characters of your engineering account ID or Hawk ID.
  • cannot match a previous password.
  • are valid for 365 days, but can be changed more often

Elevated Privilege System Accounts

An account with elevated privileges has additional requirements: you must change the password at least every 180 days and the password must be at least 15 characters long.

Changing Your Password

If you are logged into a college-administered Windows computer, press the Ctrl + Alt + Delete keys at the same time and select Change Password. You must enter the current password and your new password twice. If you are logged in remotely, on a Linux workstation, or on a self-administered computer, go to the engineering password tool page to change your password.

You can change your password to reactivate your account even if your password has already expired; go to the password tool, and select Change passwords.

You can change your password using the Pulse Secure VPN.

If you forget your password, please bring your UI student/faculty/staff ID card to the Engineering Help Desk, 1253 SC, to have your password reset.

You use the same password to log in to Window and Linux.

Check or Set Your Password

Use the Engineering Account Password Checking Tool to verify that you know your Engineering account password. If you enter your password correctly but your account is locked or the password has expired, that information is returned.

Get your intial password.

Password Life Span

Passwords have a maximum life span of 365 days. You will get email from consultant@engineering.uiowa.edu before your password expires. The subject line of the email will be "Your password will expire in 14 [7, 1, 0] days." That email message suggests the best way to change your password depending on where you are logged in. See the Changing Your Password section above for information on changing your password.

If you forget your password, bring your ID to the Engineering Help Desk, 1253 SC, to request that your password be reset.

What Makes a Good Password

Passwords protect your account from unauthorized access. For this reason, ECS implements password restrictions in order to deter password cracking. Passwords rules are listed above. In addition, we recommend that your password contain at least one non-alphanumeric character and that it not contain any portion of your name or another person's name as a part of your password. Because longer passwords are more difficult to crack or to guess, we recommend using at pass phrase of 15 characters or longer.

In general, if part of your password is a proper name or a word that appears in an English dictionary, it is not a secure password. If you have a dog named Ace, mydog=ace would not be a secure password.

Valid non-alphanumeric characters are:  ,  +  -  $  [  ]  *  &  ^  /  %  {  }  |  "  '  ?  <  >  _  :

Do not use the characters :  \   !   @   # [space]

Password Problems, Time Limits,  Expired Passwords

If you try to enter your password but do so incorrectly 15 times, your engineering account is locked for 5 minutes.

Your password is valid for 365 days. Two weeks prior to the date that your password will expire, you will begin to see reminder messages to change your password each time you log in. Once your password has expired, the next time you log in the system will prompt you to change your password. After changing it, you will need to log back in immediately with the new password.

Engineering Webmail Password Problem

The Engineering Webmail system is ONLY for legacy engineering e-mail accounts. In 2009 a decision was made to outsource e-mail services to HawkMail and no new engineering e-mail accounts have been created since. The only users of the engineering e-mail system are people who have accounts that pre-date 2009. Any person who's Engineering account post-dates 2009 will get a login error if they try to use the Engineering Webmail system. This is an expected result as those people do NOT have an engineering e-mail account. If you are certain that you have an engineering e-mail account and are having trouble logging in to the Engineering Webmail system see the above tips. If you are still unable to resolve your problem contact ECS user services.

Personally Owned Computer Support Policy

The primary mission of ECS is to support University-owned and managed computing hardware. Support of personally owned computing hardware will be left to the discretion of the ECS director, who has the right to refuse support of any and all personally owned computing equipment. 

As time and resources permit, ECS will:

  • strive to provide limited, basic, non-warranty support for personal computers owned by faculty, staff and students. 
  • assist with non-warranty diagnosis and troubleshooting of hardware problems. 

The owner is responsible for all replacement parts, shipping, and other associated costs.  ECS may help with hardware replacement. If support requires installing software, the owner must provide properly licensed copies of the media.

Procedures and Guidelines

The owner must contact the Engineering Help Desk by phone, e-mail, or walk-in prior to dropping off a system for service. This advanced notice may result in a quicker resolution to the problem. It will also allow us to inform the owner if we will not be able to work on the system in a timely manner.

The Engineering Help Desk has the right to refuse any computing hardware that may legally or morally jeopardize the integrity of the College of Engineering or the University of Iowa.

The owner must back up their critical data prior to dropping the system off.  The Engineering Help Desk is NOT liable for any loss of data.

Any request to install software must be accompanied by a licensed copy of that software. 

Turnaround times can vary widely, from one day to two weeks depending on the work load.

Bring all hardware to the Engineering Help Desk, 1253 SC.

Once the Help Desk has diagnosed or resolved the problem, the owner will receive notification by phone or e-mail.

The owner of the system may pick up the system at any time if they feel the Help Desk has taken too long to resolve the problem. 

Contacts and Technical Experts

Engineering Computer Services, College of Engineering (319-335-5751) (consultant@engineering.uiowa.edu)
University of Iowa Information Technology Services (ITS) Help desk (319-384-4357). The ITS Help Desk offers software repair and troubleshooting.

Disclaimer

The Engineering Help Desk is NOT liable for loss of any data on or damage to personally owned computing hardware. 

Questions

For questions about this printer support policy, please contact the ECS Director, 319-335-5751.

Printer Support Policy

ECS Lab Printers

ECS handles all the installation, troubleshooting, and repair for printers in the students labs and computer classrooms (Elder, Hering, 2301, 1245, 2301). Problems with printers in those labs should be reported to the Engineering Help Desk, 319-335-5055, 1253 SC, or consultant@engineering.uiowa.edu

Departmental, Local, and Research Lab Printers

CSS will recommend appropriate printers to purchase. If requested ECS will troubleshoot printing problems and recommend repair as appropriate.

If a maintenance contract is purchased with the printer, hardware problems should be handled per that contract. If there is no maintenance contract or the printer’s warranty has expired, the Engineering Electronics Shop (EES), 2018 SC will attempt to repair printers. The owner must provide an account to which the Electronics Shop can charge the repair.

For help with a departmental printer, contact the Engineering Help Desk, 319-335-5055, 1253 SC,consultant@engineering.uiowa.edu

Software Installation Policy

The Engineering Computer Network (ECN) software installation policy sets deadlines for ECS staff to receive software to be installed on lab computers (classroom laptops, Hering, Elder, 2301, 1245, 3231, and departmental teaching labs administered by ECS). Software must be installed within security and licensing constraints established by ECS. Because software is not equally well written for network installation, ECS cannot guarantee that all packages can be successfully installed.

Who Is Affected

Instructors wishing to assign projects using software on the lab network and individuals holding training sessions in any lab or teaching classroom should understand this policy.

Software Installation Policy

Software to be used in fall and spring courses must be given to ECS one (1) month before the start of fall classes. Software known to be difficult to install must be given to ECS two (2) months before the start of the fall semester.

No changes will be made to the lab loads during the year.

Laptops load changes to the user environment may be made during a semester. Laptop load changes required a complete reload must be approved by the ECS Director. Because reloading the laptops is a time-intensive activity, if you plan to use the laptops in class, please borrow one from ECS so that you can test the software you intend to use.

Software to be used in a special training session must be given to ECS 1 month before the start of the session. In addition, you must supply a technical contact with the software so that ECS staff can discussion installation issues.

Procedure

The requesting instructor must fill out the software installation form [on-line; to be created; name, phone or other contact information, name of software, platform on which to install, course number in which it will be used, any licensing information, …] and bring applicable media, documentation, and licensing information to ECN, 1256 SC by the above noted deadline.

Within two weeks of receiving the software, ECS will notify instructor if the software cannot be installed on the network.

Requirements

In general, software to be installed on the Engineering Computer Network must:

  • Run under Windows 7 or 64-bit Linux
  • Be network capable
  • Understand long filenames
  • Allow the installing administrator to set the location of files the software needs to create and modify
  • Be IPv6 compatible
  • Run as ordinary user (not administrator)
  • Have a licensing system that does not require administrative action on each computer (no web activation per host
  • Have a silent installation method (no user interaction during installation)*
  • Not conflict with existing applications and device drivers
  • Not require hardware security devices
  • Not need to write to protected areas (C:\Windows ,C:\Program Files, C:\Program Files (x86), etc.)
  • Not need to write to the local machine registry (HKey_Local_Machine store)
  • Not require Netbios

* Please check with staff to see if a silent install is possible

Questions

For questions about this policy and use of software on the ECN, please contact the ECS Director, 319-335-5751.

See Also: Academic Software Funding and Acquisition Guidelines above.

Windows Patching Policy

Student Lab Computers

Windows computers in student labs in the 1245 SC and 3231 SC computer classrooms, Hering (1220 SC), Elder (1231 SC), and 2301 SC labs have Automatic Updates turned on. That is Microsoft’s recommended setting, and the setting you should have on any Windows computer at home.

Computers in those labs are set to patch Sunday beginning at 1:00 am whenever there is an operating system patch or a software patch to be installed. Another patch begins at 3:00 am on Sunday to ensure that all downloaded patches were installed. At patch time, all the computers in the labs will be unavailable for the few minutes that it takes for the patch to install and the computer to reboot.

Faculty and Staff Computers

If a Windows patch or software updates are released during the week, Windows machines will be taken down beginning at 1:00 am on Sunday to install patches. Else the computers will remain available for login.

If a critical patch is released during the day, you will get a pop-up dialogue box that will allow you to defer the patching for up to 3 hours. After that period of time, your login session will terminate so the patch can be applied.

ECS suggests that you close all files when you leave your computer at the end of the day and log out before Sunday. If there are updates to install, the installation will not damage any files if all files are closed.