IT Resource Security Standards - User Accounts
When accessing critical or sensitive University systems, users are to have one unique account for that system. In addition:
- Accounts should only exist
for those users who need access to that system.
- Each user should have a
unique logon identifier, such as a name or number.
- Where applicable, guest or
anonymous accounts should be disabled.
- When an individual transfers
to another department or leaves the University, all accounts associated to
them are to be immediately disabled and/or deleted. Procedures should exist where department
heads or supervisors notify system Administrators immediately.