• No results found

IT Services Standard Faculty Service Access

N/A
N/A
Protected

Academic year: 2021

Share "IT Services Standard Faculty Service Access"

Copied!
6
0
0

Loading.... (view fulltext now)

Full text

(1)

IT Services Standard

Faculty Service Access

Revision and Review

Revision History

Version Version Date

Status Summary of Changes Author

0.1 Oct 8, 2013 Draft Initial Draft Kevin Vadnais 0.2 Nov 7, 2013 Draft Modifications as

suggested by ITS leaders, as well as changes to include the retention of academic staff data until a more formal project can decide on permanent action.

Kevin Vadnais, Project Team, ITS Leaders

1.0 Nov 18, 2103 Final Added Appendix A and made final formatting changes

Kevin Vadnais

1.1 Nov 29, 2013 Update Changed some aspects of

the Library Services Leona Jacobs

Document Reviews

Reviewer Name and Title Date

Darren Schell, Manager, Transformation Solutions Nov 7, 2013

(2)

Authority & Alignment

Authority

UNIVERSITY OF LETHBRIDGE

INFORMATION AND TECHNOLOGY MANAGEMENT POLICY

Subsection 4 – Privacy, Information Security, and Identity Management Subsection 5 – Information Management

Alignment

Provincial Post-Secondary System ITM Strategic Direction Priority High Quality Teaching and Learning Environment

Overview

This standard specifies the terms and conditions of granting and revoking access to University Services for faculty members.

Scope

This Standard applies to all accounts held by academic staff defined as individuals appointed as academic staff by the University of Lethbridge Board of Governors . This includes both full time and part time positions as well as sessional instructors.

This document applies only to the process of granting and revoking access to email and data services, and does not cover any aspect of email or data storage/retention.

Compliance & Exceptions

Exceptions to this standard must follow the exception process defined below.

Failure to comply with this standard may result in disciplinary action. Disciplinary actions shall follow established University policies and procedures and shall be in accordance with the applicable Faculty Handbook, Sessional Lecturers Handbook, collective agreement and employee manuals.

Standard Requirements

Access to University services for academic staff members happens automatically upon the successfully processing of a Payroll Authorization Form (PAF) in the Banner ERP system. These services include the following:

1. Email – a business email account

(3)

3. VPN – Access to the Virtual Private Network software for connecting to campus network resources from off-campus.

4. A backed up storage space for working files. This storage space is backed up and accessible from any computer logged into on campus.

5. Library services

6. Other various security groups as required for administrative purposes and access to network shared storage spaces.

Some services not specified by this standard may require additional forms to be filled out, but these requests will be dealt with on a case-by-case basis.

These services will remain in place throughout the academic staff member’s career at the University. When the academic staff member terminates employment with the University, actions are taken to remove access to these services. The revocation of each service is as follows:

1. VPN, Security Groups and Wireless – Access to these services is removed on the effective date of termination.

2. Email – Access to their business email will be removed immediately after the effective date of termination passes. If business needs require it, services can be accessed again through the exception process outlined below. For a short amount of time, an automated message will be created to inform senders that the account is no longer active and they should direct their correspondence to a different source.

a. For those Academic staff who are retiring from the University in good standing, provisions will be made to retain their email services as recognition of service.

b. The contents of an Academic staff member’s email will not be deleted after termination of employment with the University. His/her mailbox will be archived and stored for data retention purposes

3. File Services – Access to the content on the file storage space will be removed immediately after the effective date of termination passes and can be granted back using the exception process outlined below.

a. Academic staff member file and web content located on University storage will not be deleted after termination of employment with the University.

4. Library Services – continued access to library services will be determined by the Library’s Access Policy (to information resources and as approved by the

University’s General Faculties Council).

5. Section 2.b and 3.a will only be carried out until a project has been completed that addresses academic and research data retention issues. These sections are

(4)

not intended to be a permanent operational activity and will be removed once the retention project has concluded.

Exception Process

Any exceptions to this policy must be approved in writing by the chair of the academic staff member’s department, the Dean or Librarian of the respective

Faculty/Department/School, and the Provost, subject to the Faculty Handbook and Sessional Lecturers Handbook. Each request will then be processed by the Information Security Office. The exception request form must include the following information:

1. The account holder information (name, username, contact method)

2. The details of the exception (what service is being altered, why the exception is required)

3. The dates for the duration of the exception (start date, end date) 4. Authorizing signature of the Chair, Dean, and Provost.

Related Content

Type Title

Policy Information and Technology Management Policy

Data Classification The information in this document is classified as: Public.

Measurement

• Active access for academic staff members should not be discovered during annual audits after their terminations have been processed, with the exception of retiree’s email services.

• 100% of all exceptions will have associated forms available for auditing purposes upon request

Contact Kevin Vadnais – Manager, Information Security Office

(5)

Authorization & Signature

_______________________________________ ___________________

(6)

Appendix A – Exception Guidelines

There are some circumstances where individuals may be members of multiple user groups. This may lead to confusion about which set of standards should apply in a given situation. This appendix is meant to offer some suggestions where a clear exception case is not evident. As new situations arise that require clarity, this section will be updated appropriately.

1. A continuing employee or academic staff member who is also registered as a student is terminated. In this situation, it would be advisable to do the following:

a. Treat the termination as an employee/academic staff termination and remove access to the email address and staff file services immediately. b. Rename the account to a new email address for the individual and modify

affected class/student mailing lists to ensure continued receipt of student related materials. This prevents future business correspondence from arriving in the students email account.

2. A continuing employee or academic staff member who also has alumni status is terminated. In this situation, it would be advisable to do the following:

a. Treat the termination as an employee/academic staff termination and remove access to email and staff file services immediately.

b. If not previously done, create a new alumni email address for the individual (@alumni.uleth.ca). This prevents future business correspondence from arriving in the individual’s email account. A message indicating the new alumni status and address may be added to the terminated employee email account to help redirect personal communications.

References

Related documents

An analysis of the economic contribution of the software industry examined the effect of software activity on the Lebanese economy by measuring it in terms of output and value

which will inherit transgenerational trauma. Effia’s branch is marked by the transmission of cultural knowledge and the conflict between the Fante and Asante tribes, which

Keywords: national policy, dual citizenship, naturalisation, minority policy Tibor Toró: The Hungarian Communities from the Neighbouring Countries after the Law of

With all four financing mechanisms, price control results in a price decrease in both the monopolistic and the competitive region due to the incumbent ’s strong market power.. There

○ If BP elevated, think primary aldosteronism, Cushing’s, renal artery stenosis, ○ If BP normal, think hypomagnesemia, severe hypoK, Bartter’s, NaHCO3,

discharged from the trust, or refuses or becomes, in the opinion of a principal civil court of original jurisdiction, unfit or personally incapable to act in the trust, or accepts

The summary resource report prepared by North Atlantic is based on a 43-101 Compliant Resource Report prepared by M. Holter, Consulting Professional Engineer,