Re: Termination / Retirement Policies

["Jones, Mark B" <Mark.B.Jones () UTH TMC EDU>]

Our users have one account no matter how complex their affiliation is.
Users who are both employees and students gain or lose attributes as their
affiliations change but their single account persists until they have no
lingering affiliation.  Applications and services are expected to handle
authorization appropriately.  In other words authentication should not equal
authorization.

 

From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Peter Lundstedt
Sent: Thursday, March 27, 2014 10:15 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Termination / Retirement Policies

 

Hi all,

 

We're working developing some formal policy, standards, and procedures
around faculty, staff, and student account terms following status changes
and I'm curious on what others are doing.

 

The following scenarios are some that we are struggling with, but anything
around the term process would be helpful.

 

Do you allow faculty with proprietary research (Emeriti in particular) to
keep hardware following retirement?

How do you handle staff terms when that staff member is also a student?

How do you handle student terms when a student is also an adjunct
professor/similar?

 

Peter Lundstedt

SECURITY ANALYST 2, INFRASTRUCTURE & SECURITY SERVICES

 

oit

Attachment: smime.p7s
Description: