To protect our infrastructure and your data, a multifactor authentication requirement applies to most services and the VPN. For more information on how to set this up, please visit: https://intranet.th-deg.de/en/informationssicherheit/2mfa

The data centre offers secure access to the university's IT services via a so-called VPN (Virtual Private Network).

•     With the help of the VPN client, a secure connection (authentication, data is transmitted encrypted) to the data network of the Deggendorf University of Applied Sciences can be established. In principle, a tunnel is established over an existing Internet connection, so an existing Internet connection (of any type) is a prerequisite. Authentication takes place via the user ID of the university.
•     With a VPN connection, all users who dial into the university's network via the university WLAN "campus-vpn" or via external providers have the possibility to use all services that are restricted to the address range of the Deggendorf Institute of Technology (e.g. SZ-Online).
•     The security architecture for communication is established by IPsec (Internet Protocol Security) and guarantees a tap-proof transmission of data.
•     When establishing the VPN connection, the VPN client is automatically assigned an IP address from the address range of the Deggendorf Institute of Technology.
•     VPN-Clients and installation instructions are available for download (Prerequisite: Multifactor Authentication (MFA) setup at https://intranet.th-deg.de/en/informationssicherheit/2mfa).
•     If you have difficulties opening the timetables, please try again at a later time or log into the university network via VPN.

Why should I be careful when choosing a password?

Remember that if a password is misused, you as the authorised user can be held responsible for any damage (see § 4 User obligations in the user guidelines).
It is therefore important to find a password that is complicated enough so that others cannot guess it or find out about it using brute-force methods.
At the same time it must be memorable so that it can be typed in quickly without anyone else following the keystrokes on the keyboard.
It makes no sense to have passwords that you cannot remember and therefore have to be written down on notes etc.

What does a "bad" password look like?

•     Lexical terms that can be found in reference books
•     Personal names of all kinds and combinations thereof
•     Date of birth, telephone numbers, license plates etc.
•     Mirrored words (e.g. frodnegged)

What are the formal requirements for a password in the university domain?

•     The password must consist of at least 8 characters, at least 1 upper and 1 lower case letter and at least 1 number
•     Upper and lower case is distinguished
•     Do not use umlauts (ä, ö, ü, ß), otherwise no access to webmail is possible
•     When the computer centre logs in for the first time or resets a password, the user should change the default password for security reasons

How do I choose a "good" password?

One way is to choose a mnemonic with at least 8 words. The first letters of the words will then be the password. To increase security, at least one digit should appear in the sentence. A change between upper and lower case is also recommended.

Example: I like eating 2 pork knuckles in the dining hall. This results in the password: Ieg2SidM

Password change / forgotten

• Here you can change your Passwort (VPN required to change if you access from outside the university. If you have already stored your mobile phone number in Identity Management, you can use this link to reset your passwords to the default password even from outside without VPN)

If you have forgotten your password and you have not stored a mobile phone number in Identity Management, please send an e-mail with your scanned student ID to rz-support@th-deg.de.

You want to download complete directories or upload files or directories: Establish a VPN connection and then connect the corresponding network drive.

• Setting up VPN
• Setting up a  Network drive

The WLAN @BayernWLAN can be used by everyone on the Deggendorf campus and the associated technology campus. After connecting to the WLAN and calling up a website (Attention: no https) you only have to agree to the terms of use. Please note that data transmission in the BayernWLAN is unencrypted and you can only access internal services of the university with VPN.

These user guidelines apply to computer systems (computers), communication networks (networks) and other auxiliary information processing equipment that is provided for information processing purposes at the Deggendorf Institute of Technology within the scope of the tasks assigned to the universities by law (cf. Art.2 BayHSchG). They regulate the modalities of use of these facilities, in particular the rights and oblications of the users as well as the tasks of the system operators.

The so-called IV resources referred to in § 1, shall be available for members of the Deggendorf Institute ot Technology for the fulfilment of their research, teaching, study, continuing education and public relations tasks of the universities and for other tasks described in Art. 2 of the BayHSchG. The use of these resources may also be permitted for cooperation partners of teachers of the university in reasearch and teaching. Other people and institutions, especially members of the other universities, may be permitted to use these resources. Members of the Deggendorf Insitute of Technology shall contact either the IT centre or the organisational unit responsible for them (cf. § 3, paragraph 1).

Whoever wants to use IV resources according to § 1, requires a formal user authorisation fromt he responsible system operator. Excluded are services that are set up for anonymous access (e.g. information services, library services, short-term guest identification at conferences).

System operators are responsible for

• Central systems of the IT centre (RZ = Rechenzentrum)
• Decentralised systems of the responsible organisational units such as departments and other faculties of the Deggendorf Institute of Technology

The formal application for a user authorisation must be submitted to the computer centre and must contain the following information:

• Operator or organisational unit (department, central facility) from which the user authorisation is requested
• Systems for which the right of use is requested
• For natural people as applicant: name, address, date of birth, telephone number, student matriculation number, identity card number and membership of an organisational unit of the university
• If a user authorisation is requested by an organisational unit, the above information on the person responsible for the organisation must be provided
• Approximate information for the purpose of use, e.g. diploma thesis, research project, internship, training/teaching, administration
• A statement that the user acknowledges the user policy
• Entries for Information Services of the Deggendorf Institute of Technology (e.g. e-mail adress, information server WWW)

If the extent of the decentralised resources does not justify the effort of an own user administration, however, due to the network usage associated with the use of decentralised computers at least an acceptance of these user policies is required (automatically given with the proof of a user authorisation for the central systems).

The system operator may only request further information if it is absolutely necessary to decide on the application.

The responsible system operator decides on the application. he may make the granting of the right of use dependent on proof of certain knowledge of the use of the system. The application must be rejected if the applicant does not accept the user guidelines. The user authorisation may only be denied if

• It does not seem guaranteed that the applicant will fulfil its obligation as a user;
• The capacity of the installation whose use is requested is insufficient for the intended work because of an existing workload;
• The project is not compatible with the purposes pursuant to § 2;
• The installation is obviously unsuitable for the intended use or is reserved for special purposes;
• The installation to be used is connected to a network which must satisfy special data protection requirements and no objective reason for this access request is apparent;
• It is to be expected that he use applied for will not reasonably disturb other legitimate uses.

The right of use only entitles the user to work in connection with the use applied for. The right of use expires if the user is no longer a member of the Deggendorf Institute of Technology and no explicit agreement on cooperation (see § 2, para. 1) has been made.

The IV Resources according to § 1 may only be used for the purposes specified in §2. Use for other purposes, in particular for private or commercial purposes, may only be permitted upon application to the university and against payment.

The user is obliged to ensure that they use the available resources (workstations, CPU capacity, disk space, line capacities, peripheral devices and consumables) in a responsible and economically sensible manner. The user is obliged to refrain from interfering with the operation and to avoid to the best of his knowledge anything that could cause damage to the IV infrastructure or to other users.

Contracentions can also give rise to claims for damages in the event of negligence (§ 7). The user must refrain from any kind of misuse of the IV infrastructure. They are especially obliged to do so,

• To work exclusively with user identifications, the use of which has been permitted to him; the passing on of identifications and passwords is not permitted;
• To protect access to the IV resources by means of a password to be kept secret or an equivalent procedure;
• To take precautions to prevent unauthorised third parties from accessing the IV resources; this includes in particular avoiding obvious passwords, changing passwords more frequently and properly ending interactive sessions by logging out.

The user bears full responsibility for all actions taken under his used ID, even if these actions are taken by third parties to whom he has at least negligently provided access.

The user is furthermore obliged,

• To observe the legal regulations (copyright protection) when using software (sources, objects), documentation and other data;
• As a matter of principle, not to use any software other than that developed by him or made available by the system operators;
• To inform himself about the conditions under which the software, documentation or data, some of which are acquired under licence agreements, are made available and to observe these conditions;
• In particular not to copy or pass on software, documentation and data, unless expressly permitted, nor to use them for toher than the permitted purposes, in particular not for commercial purposes. 

Contraventions can also gie rise to claims for damages in cases of negligence (§ 7).

The IV infrastructure may only be used in a legally correct manner. It is expressly pointed out that the following conduct in particular is punishable under the Criminal Code (Strafgesetzbuch):

• Investigating foreign passwords, spying out data (§ 202 a StGB)
• Unauthorised modification, deletion, suppression or rendering unusable of data (§ 303 a StGB)
• Computer sabotage (§ 303 b StGB) and computer fraud (§ 263 a StGB)
• The dissemination of propaganda material of unconstitutional organisations (§86 StGB) or racist ideas (§ 131 StGB)
• The distribution of pornography on the internet (§ 184 para. 3 StGB)
• Retrieval or possession of documents containing child pornography (§ 184 (5) StGB)
• Offences of honour such as insult, defamation (§§ 185 ff StGB)

The Deggendorf Institute of Technology reserves the right to pursue criminal proceedings as well as civil law claims (§ 7). 

The user is not allowed to use the following without the consent of the responsible system operator

• To intervene in the hardware installation;
• Change the configuration of the operating systems or the network;
• Install Software other than that provided.

The authorisation to install software must be clarified with the system operator in each individual case.

The user is obliged to agree a plan for processing personal data with the system operator before beginning. This does not affect the obligations arising from the provisions of the Data Protection Act. The user is prohibited from takine note of and/or using messages intended for other users without authorisation. 

The user is obliged

• To observe the guidelines for use provided by the system operator;
• To comply with the usage and access guidelines of other operators when communicating with their computers and networks.

Each user is responsible for the effects of the programs they run. They must inform themselves sufficiently about the effects beforehand. 

Each system operator should keep a record of the user authorisations granted. The documentation must be kept for at least two years after the expiry of the authorisation. The system operator shall contribute in an appropriate manner, in particular in the form of regular spot checks, to prevent or detect misuse. In particular, he is entitled to

• To document and evaluate the activities of the users, as far as this serves the purpose of accounting, resource planning, monitoring of operations or tracking of errors and violation of the user guidelines as well as legal regulations;
• To inspect user directories and mailboxes on suspicion of violations of user regulations or criminal provisions with the involvement of a witness and the duty to record, or to record the network usage by the user in detail, e.g. using a network analyser;
• If the suspicion of criminal acts is confirmed, to use evidence-protection measures such as keystroke logging or network analyser. 

Furthermore, the system operator is entitled to carry out random checks to ensure that the systems are not being misused.

The system operator is obliged to maintain confidentiality. The system operator shall make known the contact people for the support of their users; if necessary, he hsall issue additional, supplementary user guidelines. The system operator is obliged to comply with the usage and access guidelines of other operators when dealing with their computers and networks.

The system operator does not warrant that the system functions will meet the specific requirements of  the user or that the system will operate without error or interruption. The system operator cannot guarantee the integrity (with regards to destruction, manipulation) and confidentiality of the date stored with him. The system operator shall not be liable for damages of any kind incurred by the user as a result of the use of the IV resources pursuant to § 1, with the exception of intentional behaviour on the part of the system operator or the people whose services the system operator uses to perform its tasks.

In the event of violations of statutory provisions or the provisions of these user guidelines, in particular

• Misuse of the IV resources according to § 1 for purposes other than those permitted,
• Violation of the user's obligations under § 4,
• Research of foreign passwords,
• Attempted break-ins into external systems, data stocks or computer networks or
• copyright infringement

the system operator can restrict or withdraw the user authorisation as long as proper use by the user does not appear to be guaranteed. It is irrelevant whether or not the violation resulted in material damage. 

In the case of serious and repeated violations, a user who cannot be expected to comply with the terms and conditions of use due to his behavious can be permanently excluded from the use of all IV resources according to § 1. The decision is made by the IT centre (RZ), in agreement with the management of the University of Applied Sciences, for the entire scope of these usage guidelines. Violation against legal regulations or against the provisions of these usage guidelines will be checked for their relevance under criminal law as well as for civil law claims. The system operators are obliged to notify the Registrat of the Deggendorf Institute of Technology of any facts that appear to be of relevance under criminal and civil law, who will examine whether appropriate further steps can be taken. The Deggendorf Institute of Technology expressly reserves the right to prosecute criminal steps as well as civil law claims.

Fees for the use of IV resources may be set in separate regulations. For certain systems, supplementary or deviating usage regulations may be laid down as required. The place of jurisdiction for all legal claims arising from the use relationship is Deggendorf.

The user regulations refer to the DFN services which are provided on the basis of the German Research Network WiN and which serve to provide a high-performance and interference-free communication infrastructure for the institutions using it. On the one hand, this refers to the WiN with transitions to other networks that are provided for communication, on the other hand to the infrastructure for electronic mail (e.g. gateways and relays) and information services.

Each institution involved in DFN is responsible for the performance of the tasks of network administrator, postmaster and those responsible for applications as well as for consulting and training. The tasks do not necessarily have to be performed by different people in the institution. Depending on the size of the institution, one person will perform more than one of the tasks described. However, it is necessary that each institution entrusts the taks to the people responsible for the functions described. The people entrusted with these functions should be obliged to follow the roung strategies agreed upon within DFN-Verein (e.g. IP routing, mail routing).

2.1 Network administrator function

DFN-Verein recommends that the local network administratot will be assigned the following tasks: The network administrator ensures

• The security and sagety of network access,
• The functionality of the sub-mediation,
• Network management (router configuration and management, IP host address assignment),
• The domain administration (operation of the name server, administration of the zone data and domain name assignment),
• The structuring of the data flows, error detection,
• Error message and, if necessary, troubleshooting,
• Ensuring uninterrupted operational readiness,
• The contact to Telekom and DFN Verein to ensure trouble-free WiN access

2.2 Postmaster function

To ensure the smooth running of the mail service, a postmaster should be appointed to perform the following tasks:

• Providing the mail service at local level,
• Maintenance of the address tables,
• Contact point in case of mail problems for end users and for operators of gateway and relay services.

2.3 Function of a person responsible for applications

A person responsible for applications should be appointed for the following tasks:

• Maintenance of the services offered (Mail server, news server, FTP server),
• Maintenance of other communication services,
• Error management.

2.4 Advisory and training function

The performance of this function is necessary to avoid misuse by the end users. It consists of the following tasks:

• Providing a telephone helpline during working hours,
• Provision of information and training material,
• Information on the effects of misconduct on end users.

3.1 Abusive use

The use of the DFN services is abusive if the behaviour of the users violates relevant protective regulations (e.g. criminal law, youth protection law, data protection law). Due to their expertise, users of the communications services must be aware of the respective relevance, in particular under criminal law, of computer crimes, the distribution of pornographic images and writings or the theft, alteration or other manipulation of data and programmes. This expertise also relates to the sensitivity of the transmission of data that is likely to impair the personal rights of others and/or their privacy or to violate existing copyrights or licenses based on them. Abusive use is also defined as use that fulfils the following, not exhaustively listed circumstances:

• Unauthorised access to data and programmes, i.e. unauthorised access to information and resources of other autorised users without their consent
• Destruction of data and programmes, i.e. falsification and/or destruction of information of other users - in particular also by "infection" with computer viruses
• Network obstructions, i.e. obstructions and/or disturbances of the network operation or other network users, e.g. by
  • unsecured experimentation on the net, for example by trying to "crack" passwords,
  • unannounced and/or unfounded massive loading of the network to the detriment of other users or third parties.

3.2 Recommendations to the user facilities to prevent abuse

When it comes to abuse of DFN services, a rough distinction can be made between abuse due to ignorance, negligent and intentional abuse. Depending on the type of abuse, different activities are required to prevent it. They range from informing users, to increased technical security measures, to the threat of exclusion from use and liability for culpably caused damage. By carrying out the required training and counselling function and by educating other users about the effects of incorrect usage behaviour on other users, abuse arising from ignorance and negligent misuse can be counteracted. This includes in particular requiring end-users to keep all passwords needed to access communications services confidential and encouraging them to choose passwords which cannot be decrypted by simple cracking programmes. 

In addition, providers of communications services should. to a reasonable extent, provide procedures to safeguard and protect the personal nature and confidentiality of messaged or sensitive data exchanged by electronic means. Depending on the security relevance of the data, the following is recommended:

• Use the security mechanisms provided by the manufacturer (e.g. password protection),
• Application of topological measures (separation of security relevant systems by routers and bridges),
• Network monitoring (e.g. logging of accesses),
• Compliance with security classses (see "Criteria for the Evaluation of the Security of Information Technology Systems" (ITSEC), Luxembourg 1991).

In cases where users are granted unrestricted access to certain data sets, appropriate measures shall be taken to ensure that users cannot gain unauthorised access to further non-public data sets in this way. Furthermore, the operators are obliged to support DFN-Verein to a reasonable extent in detecting and preventing unauthorised use.

In addition, local rules and regulations are to be used to draw the attention of end users to the permissible use of communications services and the effects of misconduct or to warn them against misuse.

The institutions using the German Research Network are obliged to familiarise their end users with the user regulations and the relevant contracts with DFN-Verein.

In case of violations of the user regulations, the facilities using the German Research Network are obliged to stop the abuse immediately and to inform each other. 

If it is necessary to protect the interests of all facilities which use the communications services of DFN-Verein, unauthorised use may lead to the exclusion of individual people or facilities from using the services offered or parts thereof. In particularly serious cases where the unauthorised use constitutes a violation of applicable law, civil or criminal proceedings may be initiated.

Only people in possession of a valid personal user ID are entitles to use the data processing equipment of the Deggendorf Institute of Technology. Violations of the user guidelines or the regulations for the user of information systems of the Deggendorf Institute of Technology may lead to the (temporary) revocation of the user's autorisation and, if necessary, to recourse claims. The IT laboratories can be used during the current opening hours (see notice board). Outside these house, a special permit is required (e.g. for a diplima thesis). Access is only permitted with your own user ID. Anyone logging on to a system with a different user ID will be temporarily excluded from computing operations. After clarification of the facts, further measures can be taken. The same applies if an attempt is made to spy on access data or other protected data. This also includes the use of any kind of sniffer.

Each user can access 25 Gigabytes of storage volume within his cloud directory.

The storage space for personal mailboxes is also limited to 1 Gigabyte. If this limit is exceeded, e-mails can neither be received nor sent. Old messages must then be deleted.

For the use of the university's own printers, students are charged a contribution towards expenses in the following amount:

Before starting work on a computer, check that all components of the workstation, as far as accessible, are in perfect condition. Any faults must be reported immediately to the supervisory staff or the computer centre. The manuals require for the respective application can, if available, be borrowed from the supervisor for the duration of the session against deposit of the student or identity card. Manuals can be borrowed for a limited time for use outside the computer pool from the stock of the computer centre or the department, provided that a deposit of an appropriate amount has been paid and a borrowing slip has been completed in full. The instructions in the manuals are authoritative for the operation of the equipment - especially in the event of a fault. Furthermore, the supervisory staff is available to answer questions. Smoking, eating or drinking is not permitted in the rooms in which workstation computers are located. The user must behave in such a way that other users are not disturbed. The instructions of the supervisory staff must be followed. The workplace printers are supplied with paper by the supervisory staff. Paper or copyable foils other than those provided may only be inserted by a supervisor. Further working materials than those mentioned above will not be provided. Only equipment procured by the university and known to the computer centre my be operated on the university network. In particular, it is prohibited to connect notebooks brough along to the data network. Contraventions will be punished.

The installation of software on computer systems of the university is prohibited. If a software is required for certain work (e.g. diploma thesis), a valid license must be available and may have to be procured first. Consultation with the laboratory engineer and/or the computer centre is required in any case. The computer centre carries out regular spot checks. If software is discovered that was installed by the computer centre or a laboratory engineer, the user's ID is temporarily withdrawn. Virus monitors are installed on the computers. Anyone who discovers a virus must remove it immediately and inform the computer centre. The downloading of viruses and Trojan horses is prohibited. Not even for any test purposes. The download of MP3 files from the internet is prohibited. The same applies to streaming audio (listening to the radio at work). Excluded from this are data intended for teaching purposes. It is also forbidden to keep MP3 files on data carriers of the unversity and to offer them! However, it is possible to bring and play your own data carriers (LS 120, CD) with appropriate content. Copying the programmes provided in the computer pools as well as the accompanying and documentation material is strictly prohibited. Exceptions are only permitted if the copying has been approved by the authors or authorised users or by the management of the computer centre. If problems occur when handling software or hardware, the user must first attempt to solve the problem himself. The source of information is e.g. the intranet with FAQs and instructions. 

The following protocols are recorded by the computer centre:

• Registrations and de-registrations at the computer systems
• Access to internal and external web servers
• Incoming and outgoing e-mails (only addresses, not content)
• Print jobs with server, time stamp, page number and print title

Log files with personal data are stored for a period of 6 months. Log files without personal data can be archived indefinitely. A user's log files will only be inspected by the management of the computer centre together with the data protection officer and, depending on the user's affiliation, by a student representative or amemeber of the staff council in the event of a justified suspicion. The log files are evaluated at regular intervals for statistical purposes and resource planning. Personal data is not affected by this.

The inventory must be treated with care. The user is liable for all damages caused by him. The user is responsible for correctly shutting down the operating system and switching off the devices (with monitor and possibly connected printers!). Exception: Courses are still taking place in the room in question afterwards. Computers that provide a server service (e.g. print servers) must not be shut down during the day. The last person to leave the room is responsible for switching off all equipment. Rules of conduct for e-mail communication: keep e-mails small! There are users who read their e-mails at home and have to wait more than 10 minutes for an e-mail of the appropriate size. Attention! When inserting files into an e-mail, the resulting e-mail can become very larger. To test this, send the e-mail to yourself first and then send it to a larger group of recipients! Keep the address list small! Use distribution lists, do not simply add all e-mail recipients to the mailing list. Pay attention to contents! Especially if the mailing list also contains employees! Offers/requests for sale or similar have no place in the email system of the university. The message service is primarily activated for system services. The use is allowed from user to user, but not the sending of messages to user or computer groups.

In the event of violations of the above regulations, the computer centre will withdraw the user authorisation for one to two weeks in the case of minor offences. After this period has elapsed, the person concerned must submit a written statement (approx. on DIN A4 page) on his or her conduct. The computer centre will then decide on the basis of the statement and the facts of the case whether the user will be granted access again or whether further measures are necessary. In particularly serious cases, the user can be permanently excluded from computer operation. If a violation is a more serious case or if there is even a criminal complaint from outside, the facts of the case are forwarded to the responsible department or to the Registrat of the Institute of Technology. After examining the facts of the case, a criminal complaint can also be filed against the user.

These terms of use are valid as of official announcement. If a new version of these regulations is published, the old version loses its validity and the new version comes into force. Anyone who does not rais an objection within a period of 14 days acknowledges the new regulations. In the other case, if the user does not agree with the terms of use, he loses a legal basis for his user identification, which will then be closed.