Re: Exceptions to not keeping accounts for ex-employees

[Theresa M Rowe <rowe () OAKLAND EDU>]

We tell departments that they can sponsor the account for 1 year for $100.  As soon as we put a price on it, most of 
the requests disappear.  Those that do sponsor seem to really need it.

For the record:
* Administrative accounts are removed 24-48 hours after a termination date is entered into our Banner system.
* Student and alumni accounts are removed after 1 year of not registering.
* Faculty accounts are removed 1 year after termination date is entered into our Banner system, UNLESS the faculty 
member retired and a special flag is entered in our Banner system (meaning that they requested to keep the account). 
Retired faculty with the flag keep the account until they request it dropped or a deceased date is entered in our 
Banner system.

Anyone needing an account after those posted end dates have to have a department sponsor them, and the sponsoring 
department must pay the $100 fee (one time, renewed annually at no charge).

Theresa

---- Original message ----
> Date: Fri, 20 Jul 2007 11:54:10 -0400
> From: Michael Fox <Mfox () GEORGIASOUTHERN EDU>
> Subject: [SECURITY] Exceptions to not keeping accounts for ex-employees
> To: SECURITY () LISTSERV EDUCAUSE EDU
>
> We have a policy for what to do with accounts of employees that are no longer employed at our university. What we are 
> dealing with (seemingly on a more frequent basis) is the request for keeping the account active or available for 
> longer. We have had requests for up to 9 months. The reasons vary, some are just nonsense and some have what seem to 
> be legitimate reasons.
>
> Most of these are for e-mail accounts, but we have had a few for other accounts. Right now our e-mail accounts are 
> separate from all other accounts so the account team has the ability to disable and remove other accounts more 
> sensitive (Banner, PeopleSoft, etc).
>
> What I would like to ask is what criteria do other schools use for the exceptions (if you do allow exceptions)? Also 
> if you do allow exceptions what are some of the limits you put on the exceptions.
>
> To be honest 99% of the requests for exceptions can be handled by advanced preparation of the employee and the 
> department  but I haven't gotten others to agree to this (yet).
>
> Any input would be helpful and appreciated.
>
> Thanks,
> Mike
>
> Mike Fox
> Georgia Southern University
> Information Technology Services
> Office of Information Security
> mfox () georgiasouthern edu
> (912)871-1592
>
> Jeremiah 29:11-16
>
> NOTE: This email message is intended only for the named recipient(s) above
> and may contain information that is privileged, confidential, and or exempt
> from disclosure under applicable law. If you have received this message in
> error, or are not the named recipient(s), please immediately contact the
> sender and delete this email message.
Theresa Rowe
Assistant Vice President
University Technology Services
www.oakland.edu/uts - the latest news from University Technology Services