Effective Date: September 6, 2017 *
Last Reviewed: June 7, 2023*
* name of title changed and was amended
Purpose
This policy defines eligibility for user accounts that enable access to the Stonehill College network, information resources and applications. It also provides guidelines for the creation and termination of these accounts.
Scope
This policy applies to all Stonehill College employees including, but not limited to, staff and faculty, and any other individuals working for or acting as an agent or representative of the College. This policy also applies to current Stonehill College students, Emeritus(a) faculty/staff, and affiliates of the College. Additionally, this policy applies to vendors under contract with Stonehill College that require access to the College’s network and/or technology resources to provide service.
Policy
User accounts are provided based on the role of an individual relative to Stonehill College. Accounts are used to conduct College business, to communicate, and to enable access to resources for teaching and learning. Accounts which enable access to view and change college information systems require authorization through an Account Request for access to each specific application. Eligibility for accounts and procedures for account expiration are detailed below.
Definitions
Stonehill account
The Stonehill account is created in the MS Active Directory and is the primary source of authentication for various applications and services, including the campus network, VPN, email, Office 365 applications, the portal, and the learning management system.
Application security
Application security consists of an individual user account with role-based access to view or update data in College information systems. Security is established for a specific information system through an Account Request with authorization from the department head and the appropriate information custodian.
Procedures
Staff
A Stonehill account and a mailbox are created for all staff upon notification of employment to the IT Service Desk from Human Resources. Staff are eligible for application security with appropriate authorization based on their job function.
When a staff member is terminated involuntarily, all accounts for that employee are terminated immediately upon notification to the IT Service Desk from Human Resources. When a staff member resigns their position, all accounts are terminated within a day of the employees last day of employment based on information provided from Human Resources. Requests for exceptions to these limits must be sent in an email to the IT Service Desk from the department’s Division Head.
Accounts for Emeritus(a) staff may be continued upon written notification sent in an email to the IT Service Desk from the Office of the President.
Faculty
Stonehill accounts and mailboxes are created for all full time and part time faculty upon notification of employment to the IT Service Desk from Human Resources. Faculty are eligible for application security with appropriate authorization based on their specific roles.
When a faculty member is terminated involuntarily, all accounts for that faculty member are terminated immediately upon notification to the IT Service Desk from Human Resources. When a faculty member resigns their position, authorized application access will be terminated two weeks after the close of final grades for their last semester. Faculty will retain access to email and applications provisioned based on the role of faculty until either November 1st or April 1st , whichever comes first after their last semester. Extended access is provided to communicate with students and respond to grading issues. Requests for exceptions to these limits must be in writing from the Vice President for Academic Affairs.
Accounts for part time faculty will be reviewed at the end of each semester, in January and June. Human Resources, working with the Office of the Vice President for Academic Affairs, will notify the IT Service Desk to terminate accounts for part time faculty whose employment will not be continued. The account will be terminated upon notification if more than one semester has passed since the adjunct taught. Otherwise, it will follow the termination process specified above for faculty.
Accounts for Emeritus(a) faculty may be continued upon written notification sent in an email to the IT Service Desk from the Vice President for Academic Affairs.
Students
Stonehill accounts are created for all new students who pay a deposit after receiving an admissions acceptance. Email accounts are also created at that time.
Student employees are eligible for application security with appropriate authorization based on their job function. Application security for student employees will be established through an Account Request with authorization from the department head and the appropriate information custodian. Department heads are responsible for review of application security for their student employees at the end of each semester.
Stonehill accounts are terminated on November 1st and March 1 st for students who have withdrawn or left the college, excluding students on an official leave of absence. Accounts for students who graduate in a given academic year are terminated on or about August 15th, approximately 3 months after Commencement.
Affiliates
Accounts for personnel who are not employed by Stonehill College are created based on receipt of an authorized Account Request. Generally these accounts are provided for third party service providers with specific application access requirements and affiliates with a specific relationship to Stonehill College. These accounts may be established with a defined expiration date provided by the department head.
Department heads are responsible for notifying the IT Service Desk immediately if the account is no longer required. Department heads are also responsible for responding twice a year, on January 2nd and June 1st, to a request from the IT Service Desk to renew the account. Accounts are terminated within 15 days of the request if the department head indicates the accounts are no longer require or the department head does not respond.
Vendors
Accounts that must be established for a vendor, and not for an individual, are created based on receipt of an authorized Account Request. Generally these accounts are provided for third party service providers with specific access requirements, typically involving support for College systems. The Account Request must specify the exact need and the account will be specifically secured according to those requirements. Whenever possible, these accounts should be established with a defined expiration date provided by the department head or disabled after each use.
Department heads are responsible for notifying the IT Service Desk immediately if the account is no longer required. Department heads are also responsible for responding twice a year, on January 2nd and June 1st, to a request from the IT Service Desk to renew the account. Accounts are terminated within 15 days of the request if the department head indicates the accounts are no longer require or the department head does not respond.
User Responsibility
Each user is responsible for moving personal files and email to alternate accounts or media prior to the termination of their Stonehill account. Staff and faculty are responsible to turn over to their supervisor any College related files or email communications that are needed by their department or important to ongoing operations and to transfer relevant electronic records to the College Archives. Staff or faculty who retire and want to continue to receive email correspondence from the College are responsible for providing a personal email address to the Office of Human Resources.
Department Head Responsibility
Department heads are responsible for notifying the IT Service Desk of changes in the job functions of any of their employees that would cause their application security to change or be terminated. Department heads are also responsible to ensure that supervisors work with departing staff and faculty to retain any College related files or email communications that are needed by their department or important to ongoing operations.
Division Head Responsibility
Division Heads are responsible for notifying the IT Service Desk in writing to request exceptions to this policy. Division Heads may also request that accounts for specified employees be disabled and specify an away message for their mailbox to alert external constituents of an employee change. The away message and account will remain active for a two week period.
Exceptions
Stonehill College reserves the right to make exceptions to this policy on an individual basis when it is determined to be in the best interest of the College. All exceptions must be authorized in advance in writing by the department’s Division Head.