Pouta Terms and Conditions
Providing services to others from Pouta
- Users are reminded that Pouta must only be used for the Purpose agreed in their User/Resource application or other agreement concerning the use.
- Pouta can only be used to provide services for academic research and higher education by Finnish universities and polytechnics, unless agreed otherwise.
Access for 3rd party technical assistance and support
- Users may request additional CSC user accounts for technical specialists to operate, manage or configure their resources if it assists with the agreed purpose of the project.
- Virtual machines can be directly connected to the internet, therefore you must ensure that your machines are secure.
- Users are responsible for managing their access control lists, firewalls, user accounts and all other access control methods.
- Users are responsible for maintaining operating system and applications security. We recommend applying all applicable security updates automatically or otherwise at regular and well managed intervals.
For CSC recommendations on how to implement these requirements see Pouta Security Best Practices.
Content and data management responsibilities
- Content means any data you upload to the service or create using the service. This includes virtual machine images, snapshots and volumes.
- Most Content is not backed up and it is the customers' responsibility to manage their Content. The servers providing the service and user metadata are backed up so we can restore the service in case of failures. However all the places where users can store data including Volumes, Virtual machines and Ephemeral storage are not backed up. It's the users responsibility to make backups of data as needed.
Access to User Content
- Scanning of virtual machine images for prohibited applications.
- Scanning the listening network ports of active virtual machines.
- CSC has the right to do passive network monitoring for intrusion detection (IDS) purposes. This monitoring can occur without suspicion of intrusion.
- Users are reminded to consider the design and reliability of the Pouta service and plan accordingly.
- Pouta alone is not suitable for hosting mission critical applications.
- User instances (virtual machines) can be lost or corrupted due to hardware failure, system error, administrator error or user errors.