1. Purpose
This policy defines the criteria necessary for an individual to obtain a computer account and the policies used for the creation, administration, and termination of computer accounts.
2. Background
Computer accounts are used to access computing resources such as wired and wireless networks, computers, e-mail, file shares, and information systems. The adherence to account management policies and procedures ensures that University resources and data are secure, available for authorized users, and efficiently used to support the University’s mission while ensuring compliance with data privacy regulations.
3. Scope
The account management policy applies to all individuals, including Mount Allison students, employees, affiliates, and guests of the University who may require a computer account.
4. Account username and password
4.1 Username
A computer account consists of a unique username and password.
The structure of Mount Allison usernames is recommended by the Director of Computing Services and authorized by the Vice-President, Finance and Administration. Usernames are currently based on the account holder’s legal name.
4.2 Changes to a username
Usernames may be changed to reflect a legal name change which has been recorded in the University’s official record for an individual. The owner of the account may request a username change through the Computing Services Helpdesk.
Employees must register a legal name change with Human Resources prior to requesting a change to a username.
Students must register a legal name change with the Registrar’s Office prior to requesting a change to a username.
Computing Services will change the username if a legal name change is in progress and the University record for the individual has been changed.
4.3 Passwords
Passwords are assigned to an account at the time the account is created.
It is the responsibility of the account holder to change the assigned password when the account is initially accessed.
When changing passwords, users must adhere to the University’s Password Policy.
4.4 Account Creation
4.4.1 Applicants and Students
When an applicant has applied for and been offered admission to the University, an account will be created and made available to the applicant for immediate use. This account will remain active if the applicant accepts the University’s offer of admission, enrols in a program of study with the University, and subsequently registers for courses as a student.
Students returning to the University after a break in study will resume use of the account that was created at the time of application.
4.4.2 Employees
An employee record must be created by Human Resources before a computer account can be created for a new employee. An account application form must be completed by the employee, signed, and returned to the Computing Services Helpdesk.
The username and password are provided to the employee by the Helpdesk either in person or by telephone. This information will not be communicated by e-mail. Identification must be provided to Helpdesk staff in order to receive account credentials.
4.4.3 Affiliate
An affiliate is a person who requires access to computing resources for an extended period of time but is neither a student nor an employee. An affiliate account is created at the request of a sponsoring employee, i.e. department head, dean, vice-president, and approved by the User Services Manager. The sponsor for an affiliate must be a full-time faculty or staff member. Affiliate accounts will be created with an expiration date.
4.4.4 Guests
A guest is a person who requires access to computing resources for a short period of time but is neither a student nor an employee. Guests may request a temporary account to obtain access to services. Guests attending an event booked through Conference and Event Services may obtain a guest account for the duration of the conference from the Conferences Office. Guests of the Library may receive a guest account, valid for one day, from Library staff. Other guest accounts may be requested from Computing Services Helpdesk staff.
4.4.5 Non-person accounts
A non-person account is an account associated with a computing system or device. Non-person accounts will be created only under specific circumstances and approved by the Director of Computing Services.
4.4.6 Shared accounts
A shared account is an account accessible by more than one person using a single password. A shared account will be created only under exceptional circumstances and approved by the Director of Computing Services. The Director of Computing Services will provide a list of such accounts to the Vice-President, Finance and Administration at least once per year.
4.5 Account Content
4.5.1 It is noted that the University is subject to the Right to Information and Protection of Privacy Act, SNB 2009, c R-10.6 (RTIPPA).
4.5.2 It is recommended that employees of the University only use University computer accounts for purposes of their employment with the University.
4.5.3 Staff members leaving the university will be asked, within two weeks of the last day of employment, to identify and remove personal data, including email and the contents of hard drives, network shares, and cloud storage locations. Retiring staff members may identify an email folder containing personal email that can be exported. The remaining data will be transferred to a designate or deleted. If the staff member does not identify personal data, all data will be transferred to a designate or deleted.
4.6 Account Management
4.6.1 Students
The status of a student at Mount Allison will be determined from information received from the Registrar’s Office.
The account for an applicant who was offered admission to the University but never attended classes will be deleted.
Students who attend Mount Allison will retain use of their account, including e-mail address (username@mta.ca) and the self-serve options available for students online.
The Director of Computing Services will authorize which services are available to students and former students.
Before graduation, students will receive an e-mail notification regarding computer account services that are changing and services that will no longer be available.
4.6.2 Employees
4.6.2.1 Faculty
The employment status of a faculty member will be based on information received from Human Resources.
Full-time faculty or librarians who leave the University may apply in writing to the Helpdesk to request an extension of e-mail service for a period of six months. In all cases, communication will be sent from the Helpdesk before services or access privileges are discontinued. An e-mail notification will be sent before deactivation, indicating when the mailbox and its content will be deleted.
Upon completion of their appointment, continuing part-time faculty members may apply in writing to the Helpdesk for continuation of their e-mail address in accordance with the governing provision of the Mount Allison Faculty Association (Part-time) collective agreement. In all cases, communication will be sent from the Helpdesk before services or access privileges are discontinued. An e-mail notification will be sent before deactivation, indicating when the mailbox and its content will be deleted.
Retired faculty (including professors emeriti and librarians emeriti) will retain use of their account for library privileges and e-mail use (username@mta.ca). As part of the departure process, the retiring faculty member will be asked to identify a mailbox folder containing personal and professional e-mail that will be exported from their mailbox. The mailbox will be deleted, removing all e-mail, and re-provisioned, after which the personal and professional e-mail only will be imported back into the mailbox.
4.6.2.2 Staff
The employment status of a staff member will be based on information received from Human Resources.
When a staff member leaves Mount Allison, access to staff e-mail and all network resources will be discontinued as of the end of employment, with the exception of accessing pay statement information online, which will remain accessible for a one-month period after the effective end date of employment. To preserve business continuity, an auto-reply message will be placed on the e-mail address. This message will indicate that the staff member has left the University’s employ and include instructions on where to redirect University e-mail. Once mailbox contents have been addressed as per 4.5.3 the mailbox will be deleted.
Retired staff may apply in writing, before their retirement date, to retain use of their account for e-mail use. Once mailbox contents have been addressed as per 4.5.3 the mailbox will be deleted, removing all e-mail, and re-provisioned, after which the personal e-mail only will be imported back into the mailbox.
4.6.3 Affiliates
Affiliate accounts are created with an expiration date. If an extension is required, the sponsor must make a renewal request prior to the expiry date.
When an affiliate leaves the University or the expiration date on the account has passed without a renewal request, all access is terminated.
4.6.4 Guests
Guest accounts are created with an expiration date. When the expiration date has passed, all access is terminated.
4.7 Requests not covered by this policy
Requests for computer accounts with characteristics not covered under this policy must be approved by the Provost and Vice-President, Academic and Research or the Vice-President, Finance and Administration.
4.8 Termination of accounts
The Director of Computing Services, with the authorization of the Vice-President, Finance and Administration, may restrict access and/or delete inactive computer accounts.
4.9 Policy Review
This policy will be reviewed one year after its effective date and every three years thereafter.