Policies

Policies

Intergrated Information Technology Services

User Accounts

POLICY:

Utica College user accounts provide access to College computing resources such as College-owned computers, the wireless network, email, network servers, Banner, as well as select third party applications such as Engage. Integrated Information Technology Services (IITS) is responsible for the establishment and termination of accounts based on the assigned roles. Users must safeguard the credentials that secure their online identity as well as their accounts, their files, and the files to which they have authorized access. In order to support the safeguarding process, users must not share their passwords, and are required to change their passwords every 120 days.
 
Guidelines for safeguarding credentials, accounts, and files can be found at
https://www.utica.edu/academic/iits/infosec/ 
 
Individuals who are assigned Utica College user accounts shall not use those accounts to conduct Non-Utica College business.
 
Individuals who are assigned Utica College user accounts are strongly encouraged not to use those accounts to conduct non-College business or store personal information. Examples would include banking accounts, tax forms and family photographs.
 
All holders of user accounts must comply with the Responsible Use of College Computing Resources policy, Copyright and Peer-to Peer File Sharing policy, Data Security and Classification policy, the Employee Code of Conduct, and the Student Code of Conduct, as appropriate.
 
Users will be provided access to appropriate accounts based on their relationship with the College, and as needed, access may be temporary. For example, a vendor may be granted temporary access to the College’s network in order to effect computer repairs, but would not be granted access to the College’s online course management system, and student workers may be granted access to specific resources for as long as they are employed by a particular College office.
 
Any account may be locked and/or deleted in response to violations of Utica College policies, to provide increased security to the Utica College network, and/or to comply with investigations and litigation holds.
 
Utica College owns all user accounts. Subject to any underlying copyright and other intellectual property rights under applicable laws and College policies, the College also owns all data stored or transmitted using College user accounts.

SCOPE:

This policy applies to any user with an active Utica College account including, but not limited to faculty, staff, students, retirees, alumni, volunteers, academic partners, auxiliary staff as well as non-UC employees who have been assigned a Utica College account.

REASON FOR POLICY:

User accounts are the means used to access Utica College’s computing resources. This policy establishes standard procedures for creating, monitoring, and controlling this access, ensuring the accountability that is vital to the protection of Utica College information.

DEFINITIONS:

User Account: A collection of information that defines access levels to files, folders and all system resources. The user account consists of a user ID and password.
 
User ID: Also referred to as a username. A construction of letters and numbers that, in conjunction with a password, uniquely identifies a person. Generally speaking, user names serve as the basis for email addresses, with “@utica.edu” appended to the user ID.
 
Password: A string of characters that authenticate an individual’s identity and that grant or deny access to private shared data.
 
Generic User ID: A User ID that can be used and shared by multiple individuals.
 
Data Owner: The individual responsible for authorizing and revoking access to network resources.
 
Banner Administrative Pages: The College’s administrative computing system.
 
Banner Self-Service: The web-based interface that allows users to access self-service features such as submitting time sheets, entering or obtaining grades, and registering for classes.
 
Academic Partners: The companies that Utica College contracts with to provide support services for Utica College online and hybrid programs.
 
Auxiliary Staff Members: Including but not limited to employees of contracted services such as the Bookstore, Campus Safety, Dining Services, and Facilities Management.

PROCEDURES:

Creating User Accounts
Based on an individual’s status (student, faculty, staff etc.), they will be granted access to appropriate electronic resources. Some resources – e.g., shared files – may require additional permission. For this reason, access requests may require multiple approvals before IITS can complete the process.
 
Accounts for Employees, Including Academic Partners and Auxiliary Staff
User accounts are created automatically once the individual is properly coded in Banner. The employee account creation process for new employees cannot be arbitrarily sped up or circumnavigated. Supervisors should therefore take the account creation process into account when deciding a starting date for a new hire. The Office of Human Resources provides new hires instructions for accessing their accounts during the onboarding process.   
 
Requests to activate Banner and email accounts for employees with auxiliary and other contracted academic partner organizations must originate from the appropriate UC administrator and should be directed to the Office of Human Resources. The individual requesting accounts for employees with auxiliary and other contracted academic partner organizations is responsible for periodically reviewing those accounts and requesting that the accounts and notifying the Office of Human Resources of those no longer affiliated with Utica College be deactivated.
 
Accounts for Students
Limited user accounts for matriculated students are initiated via automated processes for every applicant who submits a FAFSA form. Full student accounts are created once they have been accepted to Utica College and the tuition deposit has been recorded in the student information system. Non-matriculated student accounts are initiated via automated processes after the student registration has been recorded by the Registrar's Office in the student information system.
 
Accounts for Vendors
Requests to create user accounts for vendors must be submitted to IITS by a UC employee and must include details on account usage and when the account should be both created and terminated. Passwords for vendor accounts are managed by the sponsoring employee. Once a vendor account is no longer needed, it will be deactivated or the password will be changed so the vendor no longer has access. Vendor passwords cannot be identical to sponsoring employee’s passwords. It is the responsibility of the sponsoring employee to provide the vendor with a copy of the Responsible Use of College Computing Resources policy.
 
Generic User Accounts
In some cases, it may desirable to create an account that isn’t specific to an individual and/or that allows multiple users to access the same information. For example, conference attendees may use one user ID and password to access appropriate resources during the conference. Additionally, group email accounts such as helpdesk@utica.edu allow for better communication in a team environment.  Requests for generic user accounts should be made to by submitting the Email or Network ID request form to IITS. Generic user IDs may not be used to access Banner.
 
Banner Administrative Accounts
To control access to sensitive or confidential information, access to Banner Administrative Pages are controlled through separate user accounts. Requests for additional privileges should be sent to the Director of Information and Application Services by the appropriate vice president, supervisor, or dean. Additional permissions are required to access the Banner Finance module. To request access to Banner Finance, users must complete the contact the Vice President for Financial Affairs or their designee.


Naming Protocols
User names and email addresses will be assigned and will follow this format: First initial, middle initial, last name. If the employee or student has no middle name, the first two letters of the first name are used. Usernames must be eight characters or shorter.  Additionally, all non-letter and number characters such as hyphens and apostrophes cannot be part of the username and will be removed during the creation process.  In the event of duplicate addresses, numbers are added in sequence to the end of the user name/email address. Example: jsmith@utica.edu; jsmith1@utica.edu; jsmith2@utica.edu.
 
User names are unique to each user, and will not be recycled for new accounts.
 
User names and email addresses may be changed when a user legally changes their name or when there is an error in the spelling of the user’s name. Requests for changes and corrections should be directed as listed below. While the appropriate office should be notified about name changes, it is user’s option to additionally request that their user name and email address also be changed. If the user does wish to change their user name and email address, the office that records the change is responsible for notifying IITS, which will carry out the user name/email address change.
 
Applicants
Applicants who change their name should contact the Office of Admissions, who will notify IITS if requested.
 
Students
Current students who change their name should contact the Office of the Registrar, who will notify IITS if requested.
 
Graduates
Graduates who change their name should contact the Office of Alumni Relations, who will notify IITS if requested.
 
Employees
UC employees or employees with academic partners or auxiliary employers who change their name should contact the Office of Human Resources, who will notify IITS if requested.
 
User Account Retention, Termination, and Revision
 
Any account may be locked, accessed by someone other than the account holder and/or deleted in response to violations of any Utica College policy, to provide increased security to the Utica College network, to comply with investigations and litigation holds, or to ensure business continuity. The College reserves the right to lock, revoke, and/or delete any user email account for reasons not listed below. Such cases require prior approval from the College’s President, the Vice President for Legal Affairs, the Office of Human Resources, the Director of Information Security, or their designees. Appeals may be made to any of the listed individuals.
 
Students Who Leave UC before Graduating
Students marked as inactive retain their email and limited network accounts for one year in order to facilitate communication should they decide to return to Utica College.  Email and BannerWeb can be accessed from any location on or off campus.  Network access, such as Wi-Fi, is only accessible at the Utica, NY location. After one year of academic inactivity, such accounts and any data associated with those accounts will be deleted, with the exception of accounts with financial holds.  
 
Student Who Graduate from UC
Students who have graduated from Utica College have the option of keeping their network and email accounts open and can do so by responding to the email that is sent to them from the College following graduation.  Alumni will be asked to renew their accounts every six months. Alumni network accounts will also remain active, but can only be accessed from College-owned computers. Alumni must follow all Utica College policies relating to the use of their email accounts (e.g., share Use of College Computing Resources) or risk having their email privileges revoked.
 
Alumni who have not extended their email accounts within one year following graduation will receive notification that their accounts will be deleted within 21 days unless they renew, with the exception of accounts with financial holds.  Once deactivated, alumni accounts may be re-activated upon request. However, all data from the original student account will have been deleted.
 
Faculty, Staff, and Auxiliary Employees Who Leave Utica College
Except when otherwise arranged to serve the College’s needs, access to faculty, staff, and auxiliary user accounts, including all contents, expires once the person leaves the College. To ensure business continuity, the College may retain former employees’ surrendered accounts for a period of time to allow supervisors to have access to suspended accounts or to accommodate legal holds. In cases when accounts remain active, vice presidents, deans, and supervisors should approve automated responses to email sent to employees who have left the College. See Automated Response Options.
 
Vice presidents, deans, or supervisors who approve access and/or automated responses must notify the Office of Human Resources and Integrated Information Technology Services as to how long the access and automated responses should remain active, up to a one-year maximum.
 
Faculty, staff, and auxiliary employees who are Utica College students and who leave the College before graduating will surrender their user name and account access upon separation, but will receive a new user account. To ensure that course-related data is preserved, students should archive course-related emails and files in designated folders and transfer course data to their new accounts before they leave employment. Once they have left the College as employees, individuals may request that the College transfer student-related data to the new account and, within reason, the College will do so. Keeping student-related email and communication in separate folders will help to facilitate the process.
 
Faculty, staff, and auxiliary employees who are Utica College graduates and who leave the College will surrender their user name and account access and content upon separation. Former UC employees who are UC alumni and who wish to retain a UC account will be assigned a new user name and will be given the appropriate access privileges. However, no personal data or email will be transferred into the new alumni account
 
Faculty and Staff Who Retire from Utica College
Faculty and staff members who retire from the College, including those who are awarded emeritus status, may retain access to their email and BannwerWeb accounts, except in cases when doing so may compromise business continuity.  BannerWeb accounts will be left open to allow access tax forms, but all College business functions will be removed. Access will be extended automatically, unless there is a reason to revoke access, such as a violation of the Responsible Use of College Computing Resources policy, or to ensure business continuity. The College will send retirees an annual email asking account holders to confirm that they wish to retain the account. In some cases, supervisors may request access to email accounts of retired employees for a period of time to ensure business continuity.  Access to all other resources such as Argos, Banner Administrative Pages, Google Docs, Google Sheets, Google Drive, Library Databases, LMS, Network File Server, VPN etc. will be removed on the last day of employment. Be sure to remove any personal information prior to the last day of employment.
 
Academic Partners and Vendors
UC administrators who request accounts for employees of academic partners or vendors are responsible for periodically reviewing those accounts and submitting requests to the Help Desk that the accounts of those no longer affiliated with Utica College be deactivated. See also the Email policy.
 
Terminations and Revisions
Under normal circumstances, access to resources may be terminated, locked, or revised under any of the following situations:
 
  • The user’s employment is terminated (includes both employees and student workers).
  • The user has violated UC’s Employee Code of Conduct, the Code of Student Conduct, or other UC policy.
  • The user’s job functions change and access to certain resources is no longer required.
  • The end of the pre-determined access time frame has been reached.
  • As noted above, the student leaves UC before graduating.
  • The College is required to meet legal obligations.
  • Per written request of the appropriate supervisor.
 
During times of duress or any other reason deemed appropriate, access may be terminated upon request from the College’s President, the Vice President for Legal Affairs, the Office of Human Resources, the Director of Information Security, or their designees.
 
Changes in Service
Changes to an individual’s status may result in immediate changes to their account, without prior notification.
 
Changes to an individual’s status may result in immediate changes to their account, without prior notification. Notification of any system wide changes to including change of providers and elimination of accounts, will be sent via Utica College email with at least 30 days’ notice. Utica College is not responsible for users who fail to read and take action in response to these notifications.

RESPONSIBILITY:

It is the responsibility of any individual aware of a violation of this policy to report the violation to the Director of Information Security and Network Specialist immediately.
 
It is the responsibility of all data owners to bi-annually verify the rights of each user under their control.
 
It is the responsibility of the Office of Human Resources to initiate Banner accounts for UC employees and to reclassify Banner accounts for employees who leave UC, have their employment terminated, retire, or who are granted emeritus status.
 
It is the responsibility of the Office of Human Resources to initiate Banner accounts, upon request, for employees with auxiliary and other contracted partner organizations. It is also the responsibility of the Office of Human Resources to mark records as inactive to initiate the account termination processes.  It is the responsibility of the individual requesting accounts for employees with auxiliary and other contracted partner organizations to periodically review those accounts and request that the accounts of those no longer affiliated with Utica College be deactivated.
 
It is the responsibility of the individual requesting accounts for auxiliary employees, employees of the College’s academic partners, and vendors to periodically review those accounts and request that the accounts of those no longer affiliated with Utica College be deactivated.
 
It is the responsibility of the owner of the generic accounts to periodically review those accounts and notify IITS when those accounts are no longer needed.
 
It is the responsibility of Center for Student Success to establish active users in the Student Administrative System.  
 
It is the responsibility of Integrated Information Technology Services to set-up and maintain the programmatic processes that initiate email account generation and to create individual and/or departmental emails not handled by the automated processes, and to provide access to and/or terminate email accounts as outlined above.

ENFORCEMENT:

Enforcement of Utica College policies is the responsibility of the office or offices listed in the “Resources/Questions” section of each policy. The responsible office will contact the appropriate authority regarding faculty or staff members, students, vendors, or visitors who violate policies.
 
Utica College acknowledges that College policies may not anticipate every possible issue that may arise. The College therefore reserves the right to make reasonable and relevant decisions regarding the enforcement of this policy. All such decisions must be approved by an officer of the College (i.e. President, Provost and Senior Vice President for Academic Affairs, Vice President for Financial Affairs, Senior Vice President for Student Life and Enrollment Management, or Vice President for Legal Affairs and General Counsel).

RESOURCES/QUESTIONS:

See also the College’s Responsible Use of College Computing Resources and Email policies.
 
Please note that other Utica College policies may apply or be related to this policy. To search for related policies, use the Keyword Search function of the online policy manual.
Effective Date: 04/07/2021
Promulgation Date: 04/07/2021

Home | Contact Us | Site Map | Printable Version

I would like to see logins and resources for:

For a general list of frequently used logins, you can also visit our logins page.