All users of the Carolina CloudApps service must agree to the following terms of service before creating or contributing to a site.

Important Information

Carolina CloudApps support staff reserves the right to remove any and all websites without prior consent. It is also possible that your website(s) will experience periodic downtimes during upgrades, installs, configuring, or optimization of the service. When possible, an attempt will be made to notify all users prior to any interruptions in service.

As system administrators of the Carolina CloudApps environment, please be aware that ITS has the right to review all content stored therein.

Acceptable Use Policy

Carolina CloudApps is designed to allow people to create their projects with a URL in the ".cloudapps.unc.edu" domain and is intended to be used for university-related projects. This service is not for personal projects. Please do not register department names, or special names, unless you are the official representative for that department, or project. Sites that are registered to unauthorized users, or for unauthorized uses, will be deleted and assigned to appropriate departments and or projects. Repeat offenders may be asked to not use the service.

Additionally, university departments, centers, and other organizations with university business web application development needs can request a department/project space that is not tied to an individual. Details on this service and how to request space is available in the Carolina CloudApps: Department Project Space document.

Carolina CloudApps may be used by student organizations. UNC policy requires that student groups be officially recognized before using any campus resources. Any group that is not a University sanctioned group can use an external service.

Carolina CloudApps requires users to authenticate using their Onyen. Carolina CloudApps does not allow non-Onyen logins. As such, all content will adhere to the ITS Onyen Policy.

Environment Backup

Users of Carolina CloudApps are responsible for creating and maintaining their backup strategy. ITS will have a disaster recovery backup of the system itself, but we cannot accurately provide full backups for each project, especially for the source code from your external source code repository nor the point in time recovery of your database resources. As such, the responsibility will reside with the site maintainer(s) using built-in OpenShift command line tools and scheduling tools like cron. These tools will assist with creating recoverable copies of your code, data, configuration and log files. Please see the Carolina CloudApps: Backing up Your Applications document for more information.

Supported software and versions

Carolina CloudApps will support only the versions of the underlying software images while they are supported by the OpenShift Container Platform vendor. Exceptions to this rule may be made if ITS determines there are risks to the university with running older versions of the software. Software updates will be communicated ahead of time to end users of the system and using the ITS change process.

Any software installed in a container by the end users is maintained by the site owner and will need to have regular updates applied. End users should sure all critical security patching takes place and attempt to keep to currently supported versions of any such software.

Sensitive Data

Carolina CloudApps has worked with the Information Security Office to obtain approval for storing or processing the following types of sensitive data for department/project-based projects only:

• Personal Information, as defined by the North Carolina Identity Theft Protection Act of 2005
• Protected Health Information, as defined by the Health Insurance Portability and Accountability Act of 1996 (HIPAA)
• Student education records, as defined by the Family Educational Rights and Privacy Act (FERPA)
• Customer record information, as defined by the Gramm Leach Bliley Act (GLBA)
• Confidential personnel information, as defined by the State Personnel Act
• Information that is deemed to be confidential in accordance with the North Carolina Public Records Act

Note that we DO NOT support the processing or storing of ACH, card holder, credit card, or other payment information as defined by the Payment Card Industry (PCI) Data Security Standard. If you have a business need for processing payment information, contact the University's Merchant Services group at certifi@unc.edu for information on using the TouchNet payment gateway service.

If you need to store or process sensitive data on the Carolina CloudApps platform, you will need to complete a Sensitive Data Access Questionnaire that will be reviewed by the ITS Information Security Office.

Learn more in the Sensitive Information document.

Ethical Standards

Users of the Carolina CloudApps service are expected to follow conventional standards of ethics and polite conduct in their use of the computing resources. It is expected that users will behave responsibly, ethically, and politely, even in the absence of reminders or enforcement.

Terms of Agreement for Onyens

Any individual utilizing the Carolina CloudApps service is solely responsible for the use of their UNC Onyen, the resources to which that Onyen provides access, activity on the network that can be traced back to that individual's account or computer, and for the content of any information made available through use of these resources. All such activity is subject to the laws of the State of North Carolina and the United States, as well as the policies governing the University of North Carolina at Chapel Hill. By accepting computing and network privileges and continued access to these resources, you, the user, are also accepting the following terms of agreement:

• Access to computing and network resources granted through the issuing of a UNC Onyen may be used only by the specific individual to whom the Onyen is issued and may not be shared with other individuals.
• An individual's personal data and use of the network are considered private, but personal data and network activity may be reviewed by ITS staff under certain circumstances. Such circumstances include, but are not limited to, the specific request of the owner of data for staff to examine content; the administration of a system or the network requiring special intervention; and suspicion of ethical or legal violations that staff members with proper security authorization are compelled to investigate.
• Access to computing and network resources is intended to support the University mission and must be used in an ethical and legal manner consistent with all University policies.

Legal, Ethical, and University Policy Prohibitions

The following list of prohibitions is meant as a representative sampling and is by no means intended to provide a comprehensive collection of legal, ethical, and University policy violations.

Activities prohibited when using UNC computing and network resources include, but are not limited to:

• Harassment (which is defined in the Campus Honor Code)
• Any commercial or for-profit ventures (such as running a business using your campus web space, email account, or network access)
• Disrupting a system or the network, consuming excessive system or network resources, or preventing authorized access of such resources for use by others
• Access, attempted or successful, to resources for which you do not have proper authorization
• Distribution of pornography
• Possession, accessing, or distribution of obscene material
• Copyright violation (including possession or distribution of written, graphic, video, music or other media, such as MP3 files, which you are not legally authorized to possess or distribute).

Consequences of Misuse

Violations of the above terms of agreement may result in suspension of computing privileges, disciplinary review, termination of employment, and/or legal action. UNC will refer serious violations to the appropriate department for disciplinary action.

Classroom and Student Use

Faculty members who are going to use a Carolina CloudApps site as part of a class should inform students of and follow the online class statement that is required to be on all class syllabi.

Web Security Controls

The Carolina CloudApps team worked with the ITS Information Security Office to add some additional web security controls in front of the Carolina CloudApps service. Details about the security controls are available in the Carolina CloudApps: Web Security Controls document.

Idling

The Carolina CloudApps platform utilizes a feature called idling. This feature is an automatic process that evaluates every application on the platform to determine if it has been accessed recently. If it has not, the platform "idles" the application. This means the application is still available but it is in a paused state where it isn't actively using any resources. The next time the application is accessed and receives network traffic, it is returned to a running state. Additional information is available in the Carolina CloudApps: Idling document.

Additional Information

Learn more about security, privacy, and sensitive data at the Safe Computing at UNC site.