Email, Network, and Colleague Account Management Policy
Information Technology Services
Information Technology Services
The purpose of this policy is to remove unused and inactive email/network accounts to foster greater security and service.
Worcester State University will audit email, network, and Colleague accounts on a regular basis.
- All network and email accounts are generated automatically through Colleague
- Colleague accounts will be generated individually upon request in writing by an employee's supervisor; such requests also will define the specific level of access needed by the employee in Colleague
- All user passwords will expire automatically every 90 days from most recent reset
- All users must create strong passwords. See also the policy 'Network and System Passwords'.
- All Colleague accounts and their associate permissions will be reviewed/audited monthly.
- Temporary accounts will be created under special circumstances for visiting presenters or faculty who offer a series of sessions or workshops at the University; temporary accounts will have limited duration and will receive internet access only.
- Occasionally, individuals who are not directly affiliated with the University may be engaged in online collaborative activities with University employees. Permissions beyond internet access must be approved by the University 's security officer or CIO. Such permissions may be granted on an individual or group basis, depending upon specific circumstances.
- Temporary accounts must be approved by the University 's security officer or CIO.
- Departmental/Business Unit Accounts may be created to enable an organization to conduct official University business via a generic email account. These accounts will have a departmental owner that will assume all responsibility and liability associated with the use of the account. Departmental Accounts must be approved by the University's security officer or CIO.
- All full-time faculty and staff network and email accounts will be audited annually; the audit will cross-reference unniversity payroll listings with active faculty and staff email/network accounts
- The annual audit will take place during the first full week of July; network account records will be cross-referenced with payroll records for the previous 18 month time period.
- Any full-time faculty or staff member who is not listed on the email/network account audit will have his/her accounts disabled
- Disabled accounts may be re-enabled on written request by the faculty member's chair or the staff member's supervisor; in such requests, a rationale must be included
- All student network and email accounts will be audited annually; any accounts that have been inactive for 18 months will be disabled and have their network storage deleted
- Any account that is disabled for one year will be deleted during the annual audit.
- Any changes in a full-time member of the faculty's or staff's employment status must be communicated immediately to the UTS Help Desk.
- Any employee who involuntarily separates from the University will have their accounts disabled immediately upon notification from the appropriate division vice-president or the president.
- Any user account may be temporarily disabled for reasonable cause by UTS.
- Students will be able to retain their WSU email/network accounts indefinitely, provided that they adhere to all associated policies.
- Emeriti faculty and retired staff will be able to retain their WSU email/network accounts indefinitely, upon individual request, provided that they adhere to all associated policies; emeriti faculty will have their Colleague access disabled upon retirement.
There are four classes of email/network accounts:
- Student Accounts (students retain email accounts and limited network access indefinitely)
- Fulltime Employees and Faculty
- Retirees/Emeriti (retirees and emeriti retain email accounts and limited network access indefinitely; access to protected resources is disabled)
- Seasonal & Adjunct Employees (accounts are audited for payroll activity annually)
- Temporary guest accounts (accounts setup with limited permissions, and with a pre-determined expiration date)
- Departmental account access will be audited be University Technology Services on an annual basis. Owners of the Department Accounts are responsible for day-to-day account management and auditing, including notifying UTS of any changes in personnel who may access the Departmental Accounts within their areas.
- Worcester State University does not archive email, as it is considered a transitory medium. Users should not rely on email as an archive of critical communications. Note: In WSU Gmail Spam and Trash are automatically permanently deleted every 30 days. See also 'Email Retention Policy'.