POLICIES ADMINISTRATIVE PRIVILEGES POLICY The following document applies to all university employees and computers, including Information Technology Services (ITS) employees and computers. Running a computer system with administrative privileges represents a significant risk to the confidentiality, integrity, security, and availability of the University's information assets. However, without elevated administrative privileges, a user cannot immediately install or update some software and/or hardware and must wait for ITS support, which causes an inconvenience for the user and increases the expense of maintaining the University’s computer assets. Therefore, under the direction of the university administration, ITS enables automated temporary access to elevated administrative privileges for each employee on their assigned computer to perform job-related duties. All university-owned computers must: • Be joined to the University’s active directory domain; • Have management software installed that facilitates hardware or software inventory for asset tracking, license compliance, software installation/upgrading, remote assistance, or troubleshooting; • Have active, properly configured security (anti-virus, malware, etc.) software; • Have service packs and/or patches deemed necessary by ITS.
NOTE: Exceptions to the above can be made by the Chief Information Officer.
Administrative Privileges Agreement Every university employee has automated temporary access to elevated administrative privileges for job- related duties on their university-assigned computer and is required to abide by the following: • Users will not alter the computer’s firewall, antivirus, or any other security software; • Users will not create any new user accounts or modify any existing accounts; • The ITS department will continue to provide operating system patches, application software patches, antivirus/malware updates through the system wide client management platform to all University owned computers. Users will not block or in any manner disable or revise any services on the computer that may prevent these or other routine maintenance procedures including scheduled antivirus/malware scans; • Users will maintain software licensing information for any software personally installed on their assigned computer; • User will not share their username or password with others (ITS can provide assistance in establishing options for securely sharing items between users); • Users will not install or use software that is considered insecure. If there are questions concerning the validity of any software, the user should contact ITS prior to installing; • Users agree that ITS has the right to temporarily block the computer from the university network at any time if the computer is suspected to be a security or support risk; • Users will be responsible for backing up their data. ITS will not be able to restore a configuration customized by the user. In the event of a computer failure, ITS will restore the original base image on the computer. The base image includes an operating system, and any software maintained by the ITS department;
4
Made with FlippingBook - PDF hosting