Local Administrative Rights

Author Desmond Stewart on December 20, 2010 | Print | Bookmark

As a matter of prudent data security policy, CITS does not extend administrative rights to local workstations to end users by default. This position is taken to insure the highest level of stability and security. Computers are configured to a standard that provides for both environment that allows users to perform their daily responsibilities and prevents many support problems by insuring that changes are only made after testing and planning.

In certain situations, this security level may be necessary. For instance:

  • To install and/or update or operate specific task related applications – CITS maintains (installs, configures, upgrades and updates) all line-of-business applications deemed necessary for the average user (see CITS software policy).
  • Where the requesting user is of qualified technical ability

In this article:

Policy of Usage of Administrative Access

Usage of Administrative Accounts on University inventoried machines are is limited to actively authorized University personnel. Users must:

  • Only use for the request purpose
  • Not modify properties of other accounts – including not giving other accounts administrative rights
  • Comply with all University policy and procedures – particularly the AUP and Software Policy
  • Use administrative right only when necessary and not for everyday use
  • Insure that domain monitoring and anti-virus software stay intact

Limitations on Help Desk Support for administrative Account Holders

Users granted administrative accounts will forfeit the level 1 (front line) support assigned in the Default Service Level Agreement (SLA). Due to this deviation from the University standard configuration, Level 1 support will not be able to reliability provide assistance. Users with administrative accounts should be of sufficient technical ability and, therefore, not require basic technical support. Any support call will be immediately escalated to Level 2 support and acted upon in a “best effort” basis as time allows. If Level 2 support determines that the user’s issues are caused by misuse of administrative accounts, that account with be permanently disabled as part on the remediation process.

Procedure to Obtain Administrative Rights to a Local Workstation

Users requesting administrative rights to their workstation must complete the tasks below.

  1. Read and understand all of the University Policies concerning administrative rights
  2. Obtain an official request form from the Office of the CIO
  3. State the specific reason for the request
  4. Complete, sign and date the request and have their immediate supervisor endorse the same
  5. Return the signed form to the Office of the CIO
  6. Please allow 2 – 4 days for the Office of the CIO to process the request.

After completion of this document, the CIO, at his discretion, will approve or deny with cause the request for administrative rights.

Was this article helpful?

Yes No

Category: Software, Policies, Windows

Last updated on October 22, 2012 with 2505 views