IT-01: User Accounts Management Policy

PURPOSE

The purpose of this policy is to establish standards for the administration of user accounts that access Sam Houston State University (SHSU) information resources.   These resources must be protected from unauthorized access, loss, corruption, or destruction, thus ensuring the confidentiality, integrity, and availability of these resources.  Proper management of accounts provides a means of assuring accountability and protecting SHSU resources.  The standards established in this policy include issuing accounts, granting access to approved resources, account maintenance and deactivation processes. 

SCOPE

The SHSU User Accounts Management policy applies to those responsible for the management of user accounts on SHSU information resources. 

POLICY STATEMENT

  1. University user accounts will utilize an approved SHSU account naming convention and be based on assigned roles within the Banner system (e.g., faculty, staff, student worker, student, visitor, alumni, etc.). The level of authorized access will be based on the principle of least privilege, but if a user is assigned multiple roles, the most privileged role will take precedence.  
  2. The creation of a user account issues a unique, non-transferable electronic identity known as the “username” which cannot be reassigned to another individual.  Usernames will remain in effect throughout the individual’s official affiliation with SHSU.
  3. When an individual changes role or ends their affiliation, user accounts will be deactivated.
  4. Upon user activation, account holders are authorized to access the resources dictated by their role or affiliation.
  5. Users are required to change passwords per IT-02 User Accounts Password Policy.  

EXCEPTIONS TO POLICY

None

REFERENCE

There are many individual laws, regulations, and policies that establish our information security requirements.   While it is not possible to list all potentially applicable laws and regulations, the most relevant are listed in the Texas State University System (TSUS) Rules and Regulations, Rule III Paragraph 19 and associated TSUS IT Policies. 

Version: 1.01
Approved By: President’s Cabinet, April 11, 2023 
Reviewed By: Heather Thielemann, Information Resources Manager, April, 2023 
Next Review: April, 2024

Print Article