Re: Termination / Retirement Policies

[Mike Cunningham <mike.cunningham () PCT EDU>]

We don't do any research work but we don't let anyone keep any hardware the college purchased when they retire. We 
might let someone buy their computer if it would just go to our auction because of age but we would wipe all data from 
the hard drive and reinstall just windows if we did.

We create two accounts for students who teach or employees who take classes. A student account and en employee account. 
We even extend this to work study and any part time student employee. It is not the best system but it fixes the two 
issues you have and allows us to treat that account base on the rules for the role.  Access rights on each account is 
set to the role. If active directory had a concept of a role that is attached to an account and access rights assigned 
to the role we would not need to do this.

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Peter 
Lundstedt
Sent: Thursday, March 27, 2014 11:15 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Termination / Retirement Policies

Hi all,

We're working developing some formal policy, standards, and procedures around faculty, staff, and student account terms 
following status changes and I'm curious on what others are doing.

The following scenarios are some that we are struggling with, but anything around the term process would be helpful.

Do you allow faculty with proprietary research (Emeriti in particular) to keep hardware following retirement?
How do you handle staff terms when that staff member is also a student?
How do you handle student terms when a student is also an adjunct professor/similar?

Peter Lundstedt
SECURITY ANALYST 2, INFRASTRUCTURE & SECURITY SERVICES

[oit]