POLICIES GOVERNING THE USE OF COMPUTER RESOURCES

Full-time students are issued with two types of accounts when they join the polytechnic. They are the SPICE logon account and Student Email account. These student accounts remain valid during their study in the polytechnic.

Students are to ensure the confidentiality and security of the passwords for their accounts. Generally, they are prompted to change their passwords on a regular basis. Students can also change their passwords on their own accord. If students forget their password, they need to generate a new password. Students may have their account locked out from the network if they are unsuccessful in logging into the network for a number of times. In that case, they need to have the account unlocked and a password generated.

If students encounter problems with their accounts, they can call the SPICE Service Desk.

The SPICE logon account allows students to access PC-based and CAD/CAM based applications in the labs, print service, Internet and SP Mobile.

The Student Email account allows students to access Microsoft 365, student applications and Microsoft Online Password Reset page to change password. To change or reset password students can access Microsoft Online Password Reset page - https://passwordreset.microsoftonline.com. Follow the instructions on your browser to reset password. The email or username format is xxx.yy@ichat.sp.edu.sg.  

The department manages a high-speed Gigabit Ethernet campus network complemented by a campus-wide IEEE 802.11ac compliant wireless network operating in both 2.4 Ghz and 5 Ghz frequency bands. The Gigabit Ethernet campus network is an extensive network, which supports a wide spectrum of services for teaching and learning purposes and Internet access.  There are over 2000 wireless access points installed all over campus including lecturer theatres, media classroom and social areas such as food courts and Social Hub   Students can connect to SPStudent Wi-Fi using their own notebooks or mobile devices. It is recommended that your devices wireless network interface card (NIC) supports 5 GHz frequency band to enjoy better performance. Operating system such as Windows10, Mac OS X, Android and iOS on notebooks and mobile devices are all supported.

Students have to use their SPICE accounts and password to login to the SPStudent wireless network. On campus, students can access to services such as PolyMall, eSP, Student Admin System and Internet through SPStudent wireless.

If problems are encountered when using the SPStudent wireless network, students may report them to the SPICE Service Desk.

SP Student Email is a web-based email system powered by Microsoft Office 365. It offers a mailbox of 25 GB storage space, integrated calendaring, enhanced protection with virus scanning and cleaning, plus advanced filtering to help keep junk emails out of your mailbox.

The mailbox is accessible from the SP Home Page or via the URL http://www.outlook.com/ichat.sp.edu.sg. Students need to log in using their iChat account and password.

To achieve a reasonable response time from outside the campus, students are encouraged to subscribe to broadband service from any of the Internet Service Provider (ISP). Students encounter problems with their email, can report to the SPICE Service Desk. More information on the SPICE Service Desk is available in Section E.

For security reasons, all students should log out from their mail file or application if they no longer need to use them. They are also to observe the Standards & Guidelines on Use of Electronic Mail. For more details on the standards and guidelines, please refer to Section F below.

eSP Brightspace

eSP Brightspace is an e-learning platform managed by the Department of Educational Development. Through eSP Brightspace, students may view the latest announcements, access course information and materials, attempt quizzes, check their grades, submit their course assignments online and participate in threaded discussions.

eSP Brightspace is accessible through the SP Home Page or via the URL http://splms.polite.edu.sg. Students need to log in using their iChat email address and password in order to access the website. If students face any problems accessing eSP Brightspace, they may look to their lecturers or SPICE Service Desk for help.

The SPICE Service Desk provides a single point of contact helpdesk service for IT-related incidents, feedbacks and service requests for staff and students.

Dedicated IT staff will provide first-line support to end users. The more severe incidents will be escalated to the appropriate service group to handle. The status of issues raised is logged and tracked.

 

Please refer to this IT Support page for more details.

1. Introduction

As a student of Singapore Polytechnic, you will make use of the Polytechnic’s ICT Assets such as information, computers, networks and software in your day-to-day activities. It is important that these important resources provide the service to you and to others for which they were intended.

An important part of the proper operation of these ICT Assets is security. Scams, trojans, viruses, worms, spyware and ransomware can wreak havoc on these assets so the Polytechnic has taken great care to protect them against such threat.

That said, you, the student, perform a very important role in maintaining the security and availability of the Polytechnics student computer resources. We have written this guide to help explain what you need to do, and what rules you need to comply with to help ensure that the confidentiality, availability and integrity of the computing resources of the Polytechnic are protected.

This document contains a set of Acceptable Use Policy specifically for Students and is meant to make sure that the Polytechnic’s computers and networks keep running smoothly and securely. All Students of SP are required to strictly comply with the Information Communications Technology (ICT) Security Policy and Standards issued by the Polytechnic.

2. Student Security Awareness

You are to complete security awareness training as part of your introduction to the Polytechnic. This training will ensure that you understand the risks and your responsibilities towards helping to reduce those risks. Sensitive data including personally-identifiable information or PII (eg. NRIC, full name etc) must be secured and protected at all times (eg. encrypted in storage, transmitted over secured protocols eg. HTTPS and securely deleted when no longer needed). In addition, PII must not be collected as part of student activities in the Polytechnic.

You understand that you are responsible to comply with all security related policies. These policies are important and protect not only you, but everybody else who needs to use these resources.

 

3. Passwords

You will be given a password to access any computer accounts that you need. You must keep your password secret, and never ever tell anybody else what it is¹ ;

We have some rules to help you select a good password:

• It needs to be at least 12 characters long;
• It needs to contain characters from at least 3 of the following categories:
  • Upper case (A-Z)
  • Lower case (a-z)
  • Digits (0-9)
  • Special characters (!, $, #, %, etc.)
• It can’t be reused for at least 3 generations;
• It can’t be your username or User ID;
• It can’t be your name or part of your name;
• It can’t contain your NRIC/Passport Number;
• It can’t contain or be anything that can be associated with you, e.g. your dog’s name or street name;
• It can’t be a dictionary word, commonly used words or compromised passwords.

So, you need to use great care when you pick a password. One easy way to pick one you can remember is to think of a phrase. For example, the phrase “I like Ice Cream” could be converted into a password like 1l1ke1cecream by just putting 1 instead of ‘I’; this is a very good password. (Don’t use this one though!)

Don’t write your password down on a piece of paper or put it in a file on a computer. Somebody else could find it.

If you think someone has guessed your password, or if you accidently revealed it to somebody else, you need to change it immediately.

Your password needs to be changed every 12 months, and you can’t use the same password again.

 

4. Your Accounts

Your account is just that – your account, just for you and you alone. You cannot share it with somebody else, for any reason.

You are responsible for everything that comes from your account. So if somebody were to send an email, write a blog, or post something on FaceBook using your account defaming the school, a teacher, or a friend, you are still held accountable. So again, keeping your password a secret helps to avoid problems like this.

You can’t use someone else’s account, just like someone else can’t use yours. You also can’t do things that attempt to mask your account to others to try and hide. You can't use the Polytechnic’s resources to spy on others, and you can’t change, read, delete, copy or otherwise modify another persons files unless they give you permission to do so.

 

5. Appropriate Use SP's Computer Resources

The computer systems, including networks that have been set aside for your use are tools to facilitate your education. These systems should be usable by you just the way they are, and you should not need to change their configuration or add/modify/remove any software. Use common sense in what you do on these systems - if it feels wrong, it probably is. You should only use Polytechnic computer systems and the Polytechnic’s networks for Polytechnic related activities such as coursework or research, and for no other purpose. You should not use these systems for:

• Commercial or financial gain;
• Gambling;
• Unauthorized storage;
• Attacking or hacking Polytechnic or external resources including bug-hunting, penetration testing, vulnerability and network scanning
• Installation of malicious software or code
• Disruptive activities to other students or the Polytechnic as a whole

When connecting to the Polytechnic's networks, the Polytechnic has the rights to monitor, control and disclose your Internet activities. This will include the rights to accept, terminate or reject your connections, as well as to monitor and record your surfing activities.

Only install authorized software on the Polytechnic’s systems. Authorized software is software that is licensed for use, legally acquired, and approved by the Polytechnic for use. By installing unauthorized software you could inadvertently introduce malicious code and cause great harm to the Polytechnic. You could also break the licensing agreements that the Polytechnic has with various software vendors, and without even knowing it.

You must not engage in any use or activities that may be considered misuse or abuse. You must also not break any of the laws of the Republic of Singapore relating to computer use and the use of copyrighted material. In particular, care should be taken to adhere to the following laws:

• The Copyright Act
• The Computer Misuse and Cybersecurity Act
• The Spam Control Act
• The Personal Data Protection Act (PDPA)

Only use resources that are for students. Staff computers are for staff and students should not use them. If you have a question regarding a computer system's intended use, please ask.

Do not try and circumvent these safeguards, as you will be endangering both the system and your fellow students.

Information that goes on the Internet from the Polytechnic is traceable to the Polytechnic. So don’t use the Polytechnic’s network to post or email on the public Blogs, social networking sites² (such as Instagram, Facebook, Twitter, YouTube, etc), websites, or any other publicly accessible communication channel, anything that is:

• False or misleading
• Distasteful;
• Objectionable;
• Prejudicial to the good name of Singapore Polytechnic;
• Illegal as defined under the laws of the Republic of Singapore; 

Again, good sense prevails – defamation, pornography, pictures that are disturbing – if you think it’s bad, then it probably is.

You must not use the Polytechnic’s ICT Systems to illicitly exchange³ (without the permission of the copyright owner or exchange in violation of normal "fair use" principles; this generally applies to music, movies, software, and others forms of intellectural property)or otherwise infringe on the copyrighted intellectual property of others by any means, including but not limited to the use of “peer-to-peer” or “client-to-client” technologies⁴ (such as eDonkey, Gnutella and Bit Torrent) , email or FTP. If you have peer-to-peer or client-to-client software on your personal laptop, either turn it off or don’t connect your computer into the Polytechnic’s network.

When you use your own Non-SP furnished or personal devices⁵, you can only connect it to networks that are allocated specifically for student or guest use. You cannot attach it to any network reserved for the staff of the Polytechnic.

If you are accessing SPICE networks through Non-SP furnished devices, you are required to secure them and ensure no virus or malware is present on these devices. This includes usage of password/PIN for logging into the device, installation/running of real-time anti-virus on the device and checking your OS/software/anti-virus signatures for updates at least once a week. Software should only be installed from authorized and trusted sources (eg. Apple App Store, Google Playstore for mobile devices).

You must not run any diagnostic or vulnerabiliy scanning tools on your Non-SP furnished devices while connected to the Polytechnic's networks.

You must not attach your Non-SP furnished devices to a second network⁶ and Singapore Polytechnic’s network at the same time; for example, if you have a USB dongle that facilitates connections to a mobile data network, then you can’t use that dongle at the same time as your device is attached to the Polytechnic’s network.

 

6. Email

The Polytechnic may have created a student email account for your exclusive use. You are fully accountable for all emails transmitted from your Polytechnic email account so you must ensure that nobody else can access this account.

When you use your Polytechnic email account, you are in effect representing the Polytechnic. You must exercise care and discretion when you send mail, and you must not use your Polytechnic email account to:

• Send false/misleading, spam or commercial emails;
• Solicit for political candidates;
• Engage in illegal, unethical or improper activities;
• Disseminate internal email addresses to external mailing lists;
• Conduct personal business

You must always take precaution when reading your email and stay vigilant for phishing, spoofed, unsolicited and malicious email sent to entice you to click on malicious links/attachments or to solicit sensitive information (eg. passwords, one-time-PIN, personal information etc).

7. Security Violations

If you see something that you think might indicate a security problem, malfunction of a security device or program, or a security violation, please promptly report the matter to the SPICE Service Desk – it is your responsibility to do so.

If violations, such as presence of malware, are detected on your Non-SP furnished devices, the Polytechnic will deny your connections to the Polytechnic's networks.

If there is an investigation being conducted by the Polytechnic relating to system misuse, abuse or a security incident/violation, then you understand that during the course of the investigation the Polytechnic’s management has the right to examine your account, emails, user files and Non-SP furnished devices that have been connected to the Polytechnic's networks.

You also understand that violation of the Polytechnics computer security policies and acceptable use policies is a very serious matter. Violations may result in:

• Fines against the offending party;
• Confiscation of Non-SP furnished devices;
• Withdrawal of access to the Polytechnic’s computing resources and/or network
• Suspension or expulsion from the Polytechnic.

Finally, Singapore Polytechnic reserves the right to take disciplinary or legal action against an offending user in the event that he or she conducts himself or herself in any manner which is considered by the Polytechnic to be irresponsible; or in the event that the individual is misusing the computing resources allocated to him or her.

This document is last reviewed on 20 Sep 2023
-----------------------------------
¹ One really good example of when this rule is important is when you are the potential victim of a phishing attack, where you get an email asking you to reveal your password. A legitimate site or organization will never ever ask you to reveal your password.
² Social networking sites include sites such as Instagram, Facebook, Twitter, Youtube, TikTok and so on.
³ By “illicitly exchange”, we mean exchange without the permission of the copyright owner or exchange in violation of normal “fair use” principles; this generally applies to music, movies, software, and other forms of intellectual property.
⁴ Examples include eMule and Bit Torrent
⁵ Non-SP furnished devices include desktops, notebook(s), tablets (also known as slates), smart phones, and storage media such as thumb drives and optical devices (e.g. CD-ROM, DVD).
⁶ A “Second Network” is meant to be an un-trusted third-party network such as the Internet; the effect of connecting a computer to two networks at the same time is to circumvent protection mechanisms that may be in place on the trusted network. A good example of connecting to a second network is at the same time would be to connect to the SPICE network using a LAN port while at the same time being connected to Wireless@SG on the Wi-Fi port.

Wireless Network Usage Policy

Users of the Singapore Polytechnic wireless network are any person who uses the wireless network, for any reason, regardless of their role or position.

The Wireless Network Policy applies to all users of the wireless network, regardless of role or position and whether student, visitor, vendor or guest in Singapore Polytechnic.

Users are required to:

• Install and maintain up to date Anti-virus software
• Endeavor to ensure that the latest service pack and hot fixes for their system are installed, regardless of the operating system type
• Install and operate personal firewall software whereever possible
• Comply with all legal and statuary requirements
• Comply with all Singapore Polytechnic Policies
• Not install or operate unauthorized wireless networks, including ad-hoc networks
• Not connect to the wireless network and untrusted networks at the same time. (i.e. you must not dial up to an ISP while connected to the wireless network)
• Use only the secure network for access to confidential or sensitive information
• Protect any encryption key issued to them and ensure the confidentiality of that key
• Read the policies and instructions issued by Singapore Polytechnic
• Avoid using high-bandwidth applications on the wireless network
• Not rely solely on the wireless network for high-availability systems

This document is last reviewed on 10 February 2006.

Microsoft Volume Licensing - Enrolment for Education Solutions (EES): Student Advantage Program

“Office 365 ProPlus for Students” is offered to Singapore Polytechnic students at no additional charge via Singapore Polytechnic EES agreement.

 

Office 365 ProPlus for Students includes the following:

 

• Office 365 ProPlus for PC
• Office 365 ProPlus for Mac
• Office Mobile for iPhone
• Office Mobile for Android

Students are allow to run Office on up to five machines being Mac or PC. Students can also run Office Mobile for Android or Office Mobile for iPhone on up to 5 mobile devices. This Office 365 ProPlus for students subscription license will expire when students leave Singapore Polytechnic.

 

Transferring of License to other users are not permitted. Students may assign the software license to another device, when you assign the software license to a new device, the software will no longer run on the prior device.

 

Students will use Singapore Polytechnic iChat email account to download Office 365 ProPlus installation, students are not permitted to acquire, create and/or replicate the Office 365 ProPlus installation physical media.

 

This document is last reviewed on 6th Aug 2019.