Exceptions to not keeping accounts for ex-employees

[Michael Fox <Mfox () GEORGIASOUTHERN EDU>]

We have a policy for what to do with accounts of employees that are no longer employed at our university. What we are 
dealing with (seemingly on a more frequent basis) is the request for keeping the account active or available for 
longer. We have had requests for up to 9 months. The reasons vary, some are just nonsense and some have what seem to be 
legitimate reasons. 

Most of these are for e-mail accounts, but we have had a few for other accounts. Right now our e-mail accounts are 
separate from all other accounts so the account team has the ability to disable and remove other accounts more 
sensitive (Banner, PeopleSoft, etc). 

What I would like to ask is what criteria do other schools use for the exceptions (if you do allow exceptions)? Also if 
you do allow exceptions what are some of the limits you put on the exceptions.

To be honest 99% of the requests for exceptions can be handled by advanced preparation of the employee and the 
department  but I haven't gotten others to agree to this (yet).

Any input would be helpful and appreciated.

Thanks,
Mike

Mike Fox
Georgia Southern University
Information Technology Services
Office of Information Security
mfox () georgiasouthern edu
(912)871-1592

Jeremiah 29:11-16
 
NOTE: This email message is intended only for the named recipient(s) above
and may contain information that is privileged, confidential, and or exempt
from disclosure under applicable law. If you have received this message in
error, or are not the named recipient(s), please immediately contact the
sender and delete this email message.