|
Section: 2200s - Technology Advancement & Support |
Last Review Date: 10/02/2023 |
|
Responsible Area: Technology Advancement & Support |
Effective Date: 10/02/2023 |
|
Policy/policies the procedure is based on: 1138 |
Revision History: New 8/30/2019; Revised 10/02/2023 |
1.0 Scope
The procedure applies to all users of information technology within the College.
2.0 Purpose
This procedure outlines the process for obtaining administrative rights on a College owned device and equipment.
3.0 Definitions
3.1 Data Managers – Individuals who have responsibility to ensure the quality and usability of their group’s data and controls access to it.
Procedure
User access rights are driven by a “Least Privilege” access model. Least Privilege access is established as the permission provided to the minimal required access by users based on roles, responsibilities and job description guidance.
Maintenance and support of all college computers is the sole responsibility of the Technology Advancement and Support (TAS) Department. All other individuals are prohibited from installing or modifying computer hardware or software on college owned computers unless prior authorization has been granted by the Chief Information Officer (CIO), or Designee, within the TAS Department.
In order to reduce the risks associated with malicious software compromising College systems, non-licensed installs, or changes to configurations, College computers are deployed with basic user rights.
a. Under special circumstances, some employees may require local administrative privileges. Special circumstance may include:
b. Where administrative rights are required to access and use certain software which otherwise is unable to be reasonably supported through TAS administration.
c. When an employee frequently works away from campus and requires local administrative rights to carry out duties.
d. Requirements to complete specific job functions and tasks associated with job description and duties. An example may include TAS staff and personnel
Employees may request administrative rights for their College issued device by filling out a Computer Administrative Rights Request Form available from the Support Center. The employees will need to explain the request for administrative rights. Signoff review and approval is required from the Data Manager, respective President’s Staff member and the CIO on the request. Data Managers responsibilities follow the same expectations identified in Procedure 2202 Access Control with request and approval of employee/subordinate access.
As a condition of receiving administrative rights, the employee must agree to the terms on the Computer Administrative Rights Request Form and comply with all college expectations, behavior, ethics and standards while maintaining such rights. Employee administrative rights will be reviewed periodically by TAS and subject to access removal if conditions warrant.
Information Services may revoke administrative rights from any employee at any time, for any valid reason, and without prior notice at the direction of the College President or CIO.
5.0 Inquiries
Direct Inquiries about this procedure to: CIO
