 | Motivation for Account Policy
This policy provides the needed framework to support CSE departmental
users in their computing needs, manage costs, and maintain the integrity of our
systems, including security.
Account Policy
CSE faculty, staff, students, and affiliates gain access to computing
resources
via login accounts. An individual may have multiple accounts of
different types,
but only a single account of any given type (e.g., a user may have a
Unix account and a Windows account, but may not have more than one Unix
account). Sharing of accounts or passwords with another (whether a
department user or not) is strictly forbidden. Detection of account
sharing will cause all accounts involved
to be disabled. To re-enable the accounts the users will have to
physically present themselves at the CSEHelp offices with either
University of California or State-issued picture identification.
Accounts must be initially requested by the appropriate person (see
Appendix). All accounts will be set up with the departmental defaults
for access, storage, etc. Exceptions to the defaults must be approved
(see Appendix), and can typically be requested at any time (however,
see Namespace, below).
Every account has an associated role. A user's access to departmental
resources is dictated by that user's role in the department (see
Appendix, roles in lefthand column).
Every account has associated storage (disk space) quotas. Exceptions to
these limits must be approved by the appropriate person (see Appendix,
Quota Exceptions column). Exceptions can be approved by the proper
individual within limits of system and departmental resources.
Every account has an expiration mechanism. All accounts can be disabled
without notice in the case of a security compromise. Normal expiration of
accounts will be accompanied by a 30-day advance-notice to the account
owner and the account sponsor. Account data is not retained after
expiration. The notice will also provide a reminder to remove (or move)
any needed data from the account. After notification:
- Data access may be restricted to personal data.
- Upon expiration of an account, email forwarding will be available
upon request, up to 90 days
- Subsequently, a notification to senders of your
email address change is available upon
request for a year or until the account name is recycled by the
campus, whichever is first.
Namespace
Account names will be matched to the UCSD names assigned by ACS. An
alias can be assigned per account for email. Requests for
differing account names need to be received before account creation.
Notes:
As per the Recharge policy, exceptions for purposes beyond education and
administration are subject to recharge. As per the Policy policy,
CompCom is responsible for exceptions beyond those specified in this policy.
| User Role | Requester | Account Expiration | Default Access Options | Exceptions
(e.g., expiry, access) | Quota Exceptions
(disk space) | Notes |
|---|
| Staff | MSO | 30 days from separation | AD,
Email, CT, Homepage, Bizshares | MSO | MSO | |
| Research Staff | PI | 30 days from separation | AD, Email, CT, Homepage | PI | PI | |
| Student Workers | MSO | Immediately | AD,
Email, bizshares | MSO | MSO | |
| Grads | Grad Coordinator | Quarterly
+1 | Unix, Email, CT (upon request), Homepage | Advisor | Advisor | |
| Faculty | APO Coordinator | Never | AD, Email,
CT, Homepage | Self | Self (with limit) | Limited according
to available resources. Chair approves exceptions after separation. |
| Emeritus Faculty | APO
Coordinator | Never | AD, Email, CT, Homepage | Chair | Chair | |
| Guests | Faculty | Set when
requested | Email |
Sponsor | Sponsor | |
| Visiting Scholar | Visitor Coordinator | Set when
requested | Email | Sponsor | Sponsor | |
| Post Doc | Grad Coordinator | Set when
requested | [Grad] | PI | PI | |
| Class
Accounts | Faculty | Quarterly | Ape/Active Web | None | Faculty for Class | ECE, Extension,
ugrads |
| |
