Educause Security Discussion mailing list archives

Re: Termination / Retirement Policies

From: Donna Volpe Strouse <dvolpe () WELLESLEY EDU>
Date: Thu, 27 Mar 2014 13:40:05 -0400

We also have one account per user.  However, we have had to make an
exception to that rule for alums who are also employees if there is a
non-amicable separation from their job. This is because all alums get to
keep their wellelsey.edu domain credentials.  So in order to let them keep
their Wellesley email, but still satisfy our requirement to terminate
accounts immediately when employees leave the college, we will create a
second account for the alum to use for personal email only.

Kind regards,
Donna

Donna Volpe Strouse
Director of LTS Administration & Information Security Officer
Library & Technology Services
Wellesley College
Clapp Library 246
781-283-3425

 **** Many people want your password so they can steal your information. If
an email asks you to send your password or directs you to a page that is
NOT in the wellesley.edu <http://wellesley.edu/> domain, DO NOT provide
your password. LTS will never ask for your passwords -- when in doubt,
contact the LTS Computing Help Desk.*


On Thu, Mar 27, 2014 at 12:21 PM, Jones, Mark B <Mark.B.Jones () uth tmc edu>wrote:

Our users have one account no matter how complex their affiliation is.
Users who are both employees and students gain or lose attributes as their
affiliations change but their single account persists until they have no
lingering affiliation.  Applications and services are expected to handle
authorization appropriately.  In other words authentication should not
equal authorization.



*From:* The EDUCAUSE Security Constituent Group Listserv [mailto:
SECURITY () LISTSERV EDUCAUSE EDU] *On Behalf Of *Peter Lundstedt
*Sent:* Thursday, March 27, 2014 10:15 AM

*To:* SECURITY () LISTSERV EDUCAUSE EDU
*Subject:* [SECURITY] Termination / Retirement Policies



Hi all,



We're working developing some formal policy, standards, and procedures
around faculty, staff, and student account terms following status changes
and I'm curious on what others are doing.



The following scenarios are some that we are struggling with, but anything
around the term process would be helpful.



Do you allow faculty with proprietary research (Emeriti in particular) to
keep hardware following retirement?

How do you handle staff terms when that staff member is also a student?

How do you handle student terms when a student is also an adjunct
professor/similar?



*Peter Lundstedt*

SECURITY ANALYST 2, INFRASTRUCTURE & SECURITY SERVICES



[image: oit]

Current thread:

Termination / Retirement Policies Peter Lundstedt (Mar 27)
- Re: Termination / Retirement Policies Mike Cunningham (Mar 27)
  - Re: Termination / Retirement Policies Roger A Safian (Mar 27)
- Re: Termination / Retirement Policies Jones, Mark B (Mar 27)
  - Re: Termination / Retirement Policies Donna Volpe Strouse (Mar 27)
    - Re: Termination / Retirement Policies Miguel A. Glez. de la Torre (Mar 27)
- <Possible follow-ups>
- Re: Termination / Retirement Policies Rick Baker (Mar 27)