Educause Security Discussion mailing list archives

Re: Standard operations question

From: Julian Y Koh <kohster () NORTHWESTERN EDU>
Date: Thu, 21 Feb 2019 15:37:20 +0000

On Feb 21, 2019, at 09:21, Jared Evans <jared.evans () GALLAUDET EDU<mailto:jared.evans () GALLAUDET EDU>> wrote:

A department has gone with a service provided by an external party and has a support contract with them.  This support 
service necessitates a VPN account along with an user account (along with appropriate access control placed upon it).  
While we have created and filed the documentation for this account, who is ultimately responsible for this account 
going forward?

The system owner of the service who has set the justification for the existence of the account or the datacenter team 
which maintains our accounts?


IMO the service owner should be responsible for the account.

--
Julian Y. Koh
Associate Director, Telecommunications and Network Services
Northwestern Information Technology

2020 Ridge Avenue #331
Evanston, IL 60208
+1-847-467-5780
Northwestern IT Web Site: <http://www.it.northwestern.edu/>
PGP Public Key: <https://bt.ittns.northwestern.edu/julian/pgppubkey.html>

Current thread:

Standard operations question Jared Evans (Feb 21)
- Re: Standard operations question Julian Y Koh (Feb 21)
  - Re: Standard operations question Frank Barton (Feb 21)
    - Re: Standard operations question SPolsky@PACC (Feb 21)
    - Re: Standard operations question Julian Y Koh (Feb 21)
    - Re: [EXTERNAL]Re: [SECURITY] Standard operations question Bristol, Gary L. (Feb 21)
- <Possible follow-ups>
- Re: Standard operations question Jared Evans (Feb 21)
  - Re: Standard operations question Frank Barton (Feb 21)
  - Re: Standard operations question SPolsky@PACC (Feb 21)