Educause Security Discussion mailing list archives
Re: Retiree Email Accounts
From: "Graves, Rich" <rxgraves () IU EDU>
Date: Thu, 6 Sep 2018 14:50:21 +0000
At most (all?) of my current and former institutions, emeriti are now properly tracked in the HR and identity management systems, so no different from other accounts, really. "Ownership" of the relationship is at the provost or dean level. If you don't have that, get someone working on it. It'll take a lot of time but it'll be worth it. In the past, account "keepalive" (literally) was handled, somewhat, by an annual or biannual password change requirement. I know of at least one case where the surviving spouse continued to use the deceased emeritus's account, though, and several where they shared it with other family. At all of my current and former institutions, emeriti are required to use 2-factor just like everyone else. So the historical problem of never being confident if emeriti have been phished (and whom to contact when they clearly were) has mostly gone away. Mostly. Rich Graves <rxgraves () iu edu> Principal Security Engineer https://OmniSOC.iu.edu/
Attachment:
smime.p7s
Description:
Current thread:
- Re: Retiree Email Accounts, (continued)
- Re: Retiree Email Accounts Miller, Richard H (Aug 29)
- Re: Retiree Email Accounts Theresa Rowe (Aug 29)
- Re: Retiree Email Accounts Ronald King (Sep 05)
- Re: Retiree Email Accounts Scott Stoops (Sep 06)
- Re: Retiree Email Accounts Frank Barton (Sep 06)
- Re: Retiree Email Accounts Theresa Rowe (Sep 06)
- Re: Retiree Email Accounts Miller, Richard H (Sep 07)
- Re: Retiree Email Accounts Tom Klimek (Sep 06)
- Re: Retiree Email Accounts Walter Moore (Sep 06)
- Re: Retiree Email Accounts Theresa Rowe (Aug 29)
- Re: Retiree Email Accounts Miller, Richard H (Aug 29)