Educause Security Discussion mailing list archives
Re: Retiree Email Accounts
From: "Gregg, Christopher S." <csgregg () STTHOMAS EDU>
Date: Wed, 29 Aug 2018 17:58:59 +0000
In the past we allowed for retiree accounts, in which case staff would get a new clean account and faculty would be able to keep their existing account and contents. We stopped that practice a couple of years ago but still allow faculty emeriti to keep their accounts. The thought by the institution is that they have an official agreement with the university still and are quasi-employees. They also have an official sponsor in our Provost's office. I think one key in making the argument against providing this service is to require some department to own the retiree population getting the accounts - vetting who is eligible, dealing with exceptions, dealing with any complaints, determining when they no longer need the accounts, etc. We found that while some people thought it was a nice service to offer individuals, no one really wanted to own the population and process. That and the other e-discovery & false representation concerns mentioned already tipped the balance away from us offering the service. Thanks, Chris Chris Gregg Associate Vice President of Information Security & Risk Management, CISO Information Technology Services (ITS) csgregg () stthomas edu<mailto:csgregg () stthomas edu> p 1 (651) 962-6265 University of St. Thomas | stthomas.edu<https://www.stthomas.edu> From: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Williams, David Sent: Wednesday, August 29, 2018 12:18 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Retiree Email Accounts How does your institution address email accounts for retirees? * Deactivate upon termination? * Continuous use of email account? * Move email account to separate domain (e.g., John.Doe () retiree dcccd edu<mailto:John.Doe () retiree dcccd edu>)? What about retention of email upon retirement? * Other? Retirees at our institution are allowed to maintain their email accounts. I have given good cause for removing this entitlement from a security exposure and support perspective, but, have been requested to solicit comments from other education institutions. Thank you for any feedback! David Williams Chief Information Privacy & Security Officer Director, Risk Management Dallas County Community College District (DCCCD) District Service Center (DSC) 4343 IH 30 Mesquite, Texas 75150-2018 david.williams () dcccd edu<mailto:david.williams () dcccd edu> 972.860.7793 (phone) 972.860.7929 (fax) www.dcccd.edu<https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.dcccd.edu%2F&data=02%7C01%7Ccsgregg%40STTHOMAS.EDU%7C887b52b3a8f74ab4a75008d60dd4d160%7Ca081ff79318c45ec95f338ebc2801472%7C1%7C0%7C636711605043618017&sdata=C5bhfqo%2BswAI9cSYFm3o2yD5zy3eU78S89P2RlTlu5Q%3D&reserved=0> [Twitter Icon]<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftwitter.com%2FCIPSODCCCD&data=02%7C01%7Ccsgregg%40STTHOMAS.EDU%7C887b52b3a8f74ab4a75008d60dd4d160%7Ca081ff79318c45ec95f338ebc2801472%7C1%7C0%7C636711605043618017&sdata=I526lXItusTbX3ZWGTPktL6CMtQHrTFBqNoHfTHh%2BRY%3D&reserved=0> [Small LinkedIn] <https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.linkedin.com%2Fin%2Fdavidrwilliamscisa&data=02%7C01%7Ccsgregg%40STTHOMAS.EDU%7C887b52b3a8f74ab4a75008d60dd4d160%7Ca081ff79318c45ec95f338ebc2801472%7C1%7C0%7C636711605043618017&sdata=nSwIulOMFA%2Fh4vlDa123iSyb9Jyo6Tlp%2BM8EFIRFmN4%3D&reserved=0> [https://myportal.dcccd.edu/SiteCollectionImages/Nov2016Images/Email%20Sig/DCCCD_Email_Signature.jpg] ******************************************************************************* NOTICE: This communication, including attachments, may contain information that is confidential and protected by the attorney/client or other privileges. It constitutes non-public information intended to be conveyed only to the designated recipient(s). If the reader or recipient of this communication is not the intended recipient, an employee or agent of the intended recipient who is responsible for delivering it to the intended recipient, or you believe that you have received this communication in error, please notify the sender immediately by return e-mail and promptly delete this e-mail, including attachments without reading or saving them in any manner. The unauthorized use, dissemination, distribution, or reproduction of this e-mail, including attachments, is prohibited and may be unlawful. Receipt by anyone other than the intended recipient(s) is not a waiver of any attorney/client or other privilege
Current thread:
- Retiree Email Accounts Williams, David (Aug 29)
- Re: Retiree Email Accounts Theresa Rowe (Aug 29)
- Re: Retiree Email Accounts Robert Hughes (Aug 29)
- Re: Retiree Email Accounts Jackson, William (Aug 29)
- Re: Retiree Email Accounts Dan Wasson (Aug 29)
- Re: Retiree Email Accounts Gael Frouin (Aug 29)
- Re: Retiree Email Accounts Dan Wasson (Aug 29)
- Re: Retiree Email Accounts Gregg, Christopher S. (Aug 29)
- Re: Retiree Email Accounts Miller, Richard H (Aug 29)
- Re: Retiree Email Accounts Theresa Rowe (Aug 29)
- Re: Retiree Email Accounts Ronald King (Sep 05)
- Re: Retiree Email Accounts Scott Stoops (Sep 06)
- Re: Retiree Email Accounts Frank Barton (Sep 06)
- Re: Retiree Email Accounts Theresa Rowe (Sep 06)
- Re: Retiree Email Accounts Miller, Richard H (Sep 07)
- Re: Retiree Email Accounts Tom Klimek (Sep 06)
- Re: Retiree Email Accounts Walter Moore (Sep 06)
- Re: Retiree Email Accounts Theresa Rowe (Aug 29)