Acceptable Use Policy
This Acceptable Use Policy (“AUP”) is applicable to all clients (individually a “Client” and collectively “Clients”), including their direct or indirect end users that receive or use any service or resource from Navisite, LLC and or Navisite Europe Limited (as applicable “Navisite”).
Acceptable Use of Navisite Service
Navisite service(s) means the services as defined and purchased by Clients in their applicable agreement with Navisite. When Clients use, access and or perform activities on their service environment, data and content, Clients are responsible for ensuring these activities do not impose any risk to, or negatively impact Navisite, other Clients and or third-party sites or systems associated with or supported by Navisite.
A Client may not use or access or allow or cause any third-party to use or access Navisite’s network or services to engage in, foster or promote illegal, abusive or irresponsible behavior, including but not limited to:
- gaining, or attempting to gain, unauthorized access to any system or network, including any attempt to probe, scan, or test the vulnerability of a system or network or to breach security or authentication measures without the express authorization and consent of the owner of the system or network;
- sending unsolicited mass e-mail or other messages or communication in any form, commonly referred to as spam;
- altering, defacing or otherwise causing any unauthorized or unapproved modification of any system belonging to Navisite, any Client or any other system on the Internet;
- storing, transmitting or processing material in a manner that violates intellectual property rights or laws or regulations, including, without limitation, those associated with trade secrets, copyrights, patents and trademarks;
- violating the privacy rights of others, including, without limitation, the collection of information about individuals, including e-mail addresses, screen names or other identifiers without their knowledge or consent (e.g., phishing, Internet scamming, password robbery, spidering and harvesting), except as allowed by applicable laws and regulations;
- transmitting or storing any material that is unlawful, obscene, harassing, libelous, abusive or hateful; that encourages unlawful acts; or that may be interpreted as violating the civil rights of others;
- engaging in, or permitting, any activity that leads to a degradation or denial of service for Navisite, its Client or any other system or site on the Internet;
- intentionally, recklessly or negligently omitting, forging, deleting or misrepresenting transmission information—including, without limitation, headers, return-address information and IP addresses—that is intended to cloak or hide the identity or source of information transmitted by a Client’s system, clients or end users; or
- engaging in, or permitting, any activity that results in the overutilization of power circuits.
If a Client become aware of any such prohibited activity, then Client agrees to immediately (i) notify Navisite, and (ii) commence remediating the prohibited activity to the best of their ability.
Clients are responsible for ensuring that security controls are not circumvented by its acts or omissions.
In addition, Clients shall not:
- configure their systems to bypass security controls, including, without limitation, the installation of programs or services that allow the systems to be managed or accessed insecurely or through unauthorized means;
- conduct online security audits or tests against or through Navisite systems or networks without prior notification to Navisite;
- management, backup, storage or monitoring systems;
- install programs or configure systems to allow the monitoring, or “sniffing,” of data traveling over a shared network;
- access, or attempt to access, security-relevant information, such as password files that may, among other things, be used to gain unauthorized access to system accounts;
- install or use software for the purpose of cracking encrypted data, including, without limitation, stored passwords;
- remove or disable security software or services, including, without limitation anti-virus software, logging utilities or authentication services without prior notification to Navisite;
- misuse any accounts on their systems located at or monitored by Navisite;
- fail to implement measures and procedures to ensure that its systems are not accessed or used in an unauthorized manner;
- fail to deliver to Navisite a list of authorized individuals and accounts that are permitted to remotely access a Client’s systems managed by Navisite;
- fail to notify Navisite in writing if a user no longer requires remote access to Client’s site – such notification must be received by Navisite at least five business days in advance of the date that the access is to be cancelled; and
- transfer remote-access accounts from one individual to another, nor shall they be shared between individuals without prior notification to Navisite. Each user shall have an individual remote-access account that uniquely and accurately identifies the owner of the account.
Clients assume all responsibility for any adverse consequences that result from the use of their accounts by an individual that was granted access by Client.
Violations and Remedies
Navisite reserves the right to audit, test, and investigate the security of Clients sites in an effort to ensure that security protections are maintained and that Clients sites and systems do not bypass, or allow others to bypass, Navisite security controls. If Navisite believes that systems located within the Navisite facilities and/or the Navisite environment are being used in an unlawful or improper manner or for unlawful or improper activities, Navisite will fully cooperate with civil and criminal enforcement authorities conducting investigations of such use or activities. Navisite supports the investigation of prohibited activities as listed above and/or any other activities that may impact the operation or security of Navisite, Clients or other systems accessible by Clients.
Navisite may suspend any services without notice to or approval from a Client if Navisite, in its sole discretion, deems such suspension is necessary to protect its systems, facilities or interests or those of Clients, including, without limitation, in response to any perceived threat of a computer virus, exploit scripts or other malicious software or denial-of-service attack (in each case, from any source). Navisite will use commercially reasonable efforts to notify Clients prior to such suspension.
Notwithstanding anything to the contrary herein, Navisite retains the sole right to determine the whether a violation of this AUP has occurred and the severity of any such violation. Navisite will endeavor to work with Clients to address violations of this AUP but is not required to do so if immediate action is required. Based on the severity of the violation or the number or nature of violations of this AUP by Clients, Navisite retains the sole right to suspend or terminate a Client’s services without notice or approval by such Client.
General Terms and Conditions Regarding this Policy
CLIENTS AGREE TO BE BOUND BY THIS AUP. From time to time, Navisite may modify this AUP. By using the Navisite services or facilities after any such modifications, Clients agree to those modifications. In the event that any provision of this AUP and any other contractual provision between a Client and Navisite are inconsistent or conflicting, the inconsistent or conflicting provisions of this AUP shall control.