HCC Ybor Campus HCC SouthShore Campus HCC Plant City Campus HCC District Administrative Offices HCC Dale Mabry Campus HCC Brandon Campus

1.       PURPOSE

The purpose of this policy is to define the logical access controls as they apply to the Information Technology resources at Hillsborough community college. This guideline will detail how hardware, software, facilities, and information are protected.

 

2.       POLICY

2.1.    Account Eligibility

Users of the College’s information resources are diverse and they fall into three categories.

 

College Staff

All non-instructional personnel employed by the institution.

College Faculty

All instructional personnel employed by the institution. This includes tenured and adjunct faculty.

Third Party Contractors

All non-instructional personnel at the college on contractual terms. This could include vendors and consultants.

 

Each of these categories of personnel has unique needs and therefore has specific considerations when provisioning and de-provisioning accounts.

 

2.2.    Account Provisioning

As part of the institutions initiative to use e-mail as the official means of communications, all current college employees will be provided a network account to log onto a college computer on the FAMILY active directory domain. Creation of the network accounts can only take place after the HR hiring process has completed and a valid and current Employee record in the Datatel. If it is determined that to fulfill the requirements of the user’s job responsibilities that access to other systems, it will be indicated on the designated account creation form (electronic or paper). This form will be processed by the respective resources system agent for approval.

 

Upon completion of the provisioning process, the requestor will be notified via email with all of the information necessary for the user to use the provided accounts.

 

2.3.    Account De-provisioning

Separation from the college is a critical part of the Identity Lifecycle Management process. This involves removing access to Technology Resources from user accounts for separated personnel.

 

Upon notification from Human Resources that a person is no longer employed by the college, the user account is deactivated in all systems within the college.

 

2.4.    Account Auditing

In order to ensure that accounts active accounts on the institutions technology resources are held only by active employees, a monthly audit of all separated employees will be completed against the Active Directory system and the Datatel system. This will safeguard against there being active accounts on the system for separated employees

 

3.       REVISION HISTORY

Date

Description

 

06/16/2009

Initial policy draft.

OIT

07/01/2010

Official Policy Designation

Gorham, Stephen