Re: Retiree Account Privileges

[Theresa Rowe <rowe () OAKLAND EDU>]

> ·         Do you allow retired faculty and/or staff to keep their e-mail
> accounts?

Special faculty marked as emeritus only. No to all others.  We don't want
to negotiate agreements across the board to include all the things that can
be accessed from the account. We don't want the e-evidence overhead. And we
had an issue years ago with someone misrepresenting their current
relationship that was difficult to manage, which led to the policy.
Theresa


> If you do provide retirees with e-mail accounts…
>
>
>
> ·         How do you determine a retiree from a person who just resigns?
>
>
>
> ·         Do you put them on a separate domain such as alumni or retired?
>
>
>
> ·         Do you provide a full mailbox service or just an e-mail forward?
>
>
>
> ·         Do you purge their existing mailbox contents and have them
> start fresh to protect institutional data?
>
>
>
> ·         How long do they get to keep their account or forward?  A time
> period and then a renewal?  Based on activity?
>
>
>
> We’re a recently migrated Office365 shop.  Our tentative plan to is to
> offer a new empty mailbox connected to the previous SMTP address in our
> main domain to those who meet the agreed upon age/tenure requirements that
> our Provost, HR, and Advancement folks determine.   We would then like to
> include some form of activity check and terminate accounts that go unused
> for a period of time.  This plan should  provide a fair amount of risk
> mitigation.
>
>
>
> The main risks remaining would be that some sensitive data still might be
> mailed to the person’s address based on habit or old script, or that a
> retiree would get involved in some incident with their new account that
> requires significant effort by our security and/or legal team (litigation
> hold, abuse complaint, compromised account, etc).
>
>
>
> I’d prefer that if we offer anything it would be an e-mail forward, but
> there seems to be a consensus among our leadership that we should offer a
> full account to retirees.  I am trying to find a way to provide the service
> in way that limits our risk and meets our business requirement.
>
>
>
> Thanks,
>
>
>
> Chris
>
>
>
>
>
>
>
> *Chris Gregg*
> Associate Vice President of Information Security & Risk Management
> Information Technology Services (ITS)
> csgregg () stthomas edu
> <javascript:_e(%7B%7D,'cvml','csgregg () stthomas edu');>
> p 1 (651) 962-6265
> *University of St. Thomas* | stthomas.edu <https://www.stthomas.edu/>
>
>
> [image: University of St. Thomas : All for the Common Good]
> <http://www.stthomas.edu/e>


-- 
Theresa Rowe on the road