SFA Home / Policies

Computer System Access (F-37)

Original Implementation: January 19, 1999
Last Revision: January 19, 2006

SFA Administrative Account Security

Administrative accounts are provided for access to SFA's administrative information systems. The accounts have the following security characteristics that have been arrived at by the functional need of the type of user.

General Guidelines

All accounts should adhere to the following general guidelines:

Staff Accounts

Staff accounts are provided for SFA faculty and staff for access to the administrative systems, specifically, the SCT suite of systems: SIS, FRS, and HRS. These accounts are generally organized as follows:

Password Lifetime: The password lifetime is set to 90 days for staff accounts.

Access to the Data Command Language prompt: This is generally not allowed.

Programmer Accounts

Programmer accounts are provided to Information Technology Services (ITS) programming staff for the purpose of maintaining ITS systems, providing support to staff users, and augmenting current systems. These accounts are generally organized with the following characteristics:

Password Lifetime: The password lifetime is set to 60 days.

Access to the Data Command Language prompt: Allowed.

Operator Accounts

Operator accounts are provided for ITS operations staff to allow them to:

  1. Monitor ITS systems and take corrective action autonomously, if necessary

  2. Service requests for print, tape or other associated resources

  3. Oversee operation of the batch scheduler

Password Lifetime: The password lifetime is set to 30 days.

Access to the DCL prompt: Allowed.

Database Administrator Accounts

Database Administrator accounts are provided for ITS operations staff to allow them to:

  1. Maintain ITS Database systems

  2. Upgrade SCT-Plus software (patches and new release software)

  3. Provide programming necessary to maintain and augment administrative environment.

  4. Provide general support to programming staff

Password Lifetime: The password lifetime is set to 30 days.

Access to the DCL prompt: Allowed.

System Manager Accounts

System Manager accounts are provided for ITS operations staff to allow them to:

  1. Maintain system software.

  2. Upgrade system software (patches and new release software).

  3. Provide programming necessary to maintain and augment the system environment.

  4. Perform security monitoring and monitor system viability/performance management.

  5. Administer user accounts, SCT online system security, and email.

Password Lifetime: The password lifetime is set to 30 days.

Access to the DCL prompt: Allowed.

Investigation of Access Violations

Reported or suspected access violations will be investigated aggressively and completely by the Technical Support Staff of ITS. Upon notification of any such event, the Director of Information Technology Services will be notified and the Assistant Director of Technical Support shall initiate a complete investigation utilizing any system and/or ITS resources necessary. The Director of Information Technology Services will notify the Vice President for Finance and Administration and, in the event a business system is involved, the Internal Auditor.

ITS will take some or all of the following steps to investigate, with the exact order of steps determined by the specific situation:

  1. Close any avenue used to commit the violation and return the system at once to a secure state.

  2. Immediately take steps to preserve and protect any evidential data sources.

  3. Perform any real-time monitoring of suspected violations in progress.

  4. Engage ITS and system owner staff as needed to assess and report on the health of any affected application systems.

  5. Assess any other systems, application or system-related, that for any reason may be suspected of being involved in the access violation.

  6. Alert the University Police Department. Others who may need to be notified include the system owner and any other department that has a justifiable need for involvement.

  7. Continue to monitor the system to ascertain if any related violations are attempted. The exact length of any high state of alert is to be commensurate with the situation encountered.

The ITS Technical Support Staff reserves complete authority to inspect in real-time or by other means any suspected activity that appears to represent an abuse of any ITS-managed system. This includes, but is not limited to, inspection of email, real time monitoring of users, logging of activity and inspection of files of any type.

A complete report and analysis of the access violation will be produced after the investigation is complete. Any criminal investigation will fall under the auspices of the appropriate investigating body. The report will be filed by ITS and full and complete measures will be taken to repair any security breaches uncovered by the investigation.

Assignment of New Passwords

Students, faculty and staff may request a password change in the event their password has been forgotten or some other problem dictates resetting their password.

The process of obtaining password change is outlined below:

Faculty/Staff Accounts

Self-Service

Faculty and Staff can activate and reset their passwords by choosing the appropriate link under Faculty/Staff E-Mail on the Getting Started with mySFA help page.

Assisted by ITS personnel

The Customer Support Help Desk is available at 468-1212. In the event the Help Desk is closed or otherwise inaccessible, ITS can be contacted directly at 468-1110.

Student Accounts

Students can activate and reset their password by choosing the appropriate link under Student E-Mail located on the Getting Started with mySFA help page.

 

Source of Authority: Vice President for Finance and Administration

Cross Reference: None

Contact for Revision: Director of Information Technology Services

Forms: Account Authorization Form