Cyber Range Poulsbo

Acceptable Use Policy

Effective Date: April 16, 2024

Please read the terms of this policy carefully before using Cyber Range Poulsbo.

This acceptable use policy (AUP) sets out the standards that apply when using Cyber Range Poulsbo. By using Cyber Range Poulsbo, you confirm that you accept the terms of this policy and that you agree to comply with them. If you do not agree, do not use the use cyber range.

Policy

All users of Cyber Range Poulsbo must acknowledge having read, and agree to abide by, the AUP.

Modification

The AUP may be modified at any time.

Purpose

Cyber Range Poulsbo (“Cyber Range”) provides access to a technology platform, including systems, networks, interfaces, and other resources (collectively, the “Services”) to support cybersecurity education. This policy is designed to establish acceptable and appropriate use of the Services.

Applicability

This policy applies to anyone using the Services or any of its resources, including, but not limited to, students, faculty, staff, collaborators, and visitors. 

Guiding Principles

1. The Cyber Range offers powerful tools for cybersecurity education and research among academic communities of all learning levels.

2. Users are encouraged to make innovative and creative use of the Services in support of cybersecurity education and research. 

Acceptable Use of the Cyber Range 

The Services are to be used for cybersecurity educational training, research, and collaboration. Examples of such use include, but are not limited to instruction, learning, exercise, enrichment, research, collaboration, contribution of scholarly information, and administrative activities. Cyber Range resources are finite and should be used wisely and carefully with consideration for the needs of others. 

Responsibilities: To ensure accountability of actions and resources, each person who has access to the Services must have an individual account. Sharing of accounts and passwords or authorization methods is prohibited. 

Unacceptable Use of the Cyber Range: The use of the Services in a manner which is unacceptable may subject the person(s) involved to loss of all privileges to the Cyber Range, possible disciplinary actions at the user’s institution, or criminal prosecution.

Unacceptable uses of the Cyber Range include, but are not limited to:

  • Cloning malware of any type (e.g., viruses, worms, trojans, bots, ransomware, spyware, adware, rootkits) without Cyber Range authorization and advanced environment setup
  • Commercial or business use for the profit of an individual or company 
  • Any use of the Services to obtain access to an outside network for which the person has not be authorized or in a manner that knowingly violates the policies of the owner of the system/network - Any attempt to modify, impede, or deny access to any system, data, network, file, document, or service outside the confines of the Cyber Range
  • Any activity that interferes with legitimate activities of anyone outside the Cyber Range
  • Deliberate unauthorized destruction of Cyber Range data or other resources
  • Any use of the Services to engage in illegal or unethical activities

You also agree not to access without authority, interfere with, damage, or disrupt:

  • Any part of the Cyber Range
  • Any equipment or network on which the Services are stored
  • Any software used in the provision of the Services
  • Any equipment or network or software owned or used by any third party 

 

Data Protection and Privacy

While respecting confidentiality and privacy, the Cyber Range reserves the right to examine all computer systems and electronic resources within the Cyber Range. The Cyber Range takes this step to safeguard the integrity of computers, networks, and data either on the platform or elsewhere and to protect the Cyber Range against seriously damaging consequences. 

The Family Educational Rights and Privacy Act (FERPA) affords students certain privacy rights with respect to their education records. Users are required to maintain compliance with FERPA. The Cyber Range shall comply with the requirements of FERPA and shall only disclose student education records to the extent authorized under FERPA.

Data will be released to the student’s Institution as follows:

  • Only to the instructor as a part of scoring or other grading needs
  • In the case of policy violations by the student 
  • As required by applicable law Please read our Privacy Policy for information on the collection, use, and disclosure of your personal data. 

 

Enforcement

The Cyber Range may restrict the use of its Services when faced with evidence of violation of its policies.

Abuse of Cyber Range privileges will subject the user to disciplinary actions. The Cyber Range may notify the user’s home institution of violations of these policies or other actions taken while using the Services which are unlawful, inappropriate, abusive, or which violate the home institution’s policies. In these cases, the Cyber Range may request, or the home institution may undertake upon its own initiative, actions to address the issue.

The Cyber Range will comply with, and respond to, all validly issued legal processes, including subpoenas.

The Cyber Range reserves the right to remove or limit access to its Services, and to remove or limit access to material.

All users of the Services are bound by federal and state laws relating to civil rights, harassment, copyright, security, and other statues relating to electronic media. This policy does not preclude enforcement under the laws and regulations of the United States of America. All users are expected to conduct themselves consistent with these responsibilities. 

Users of the Services are invited to report incidents and abuse of this policy to CyberRange@wwu.edu.