Recent Searches

Loading Search Results...
Loading Directory Results...
Close

History

Close

Recent Pages

Recent Searches

PantherTech Support

ITS Identification Policy

Policy Statement

Access to University information and/or information resources must be done using identifier and authenticators that are unique to each individual and/or group. User identifiers may only be granted to individuals formally associated with the University and access granted to such identifiers may only be granted if requested by an authorized individual. All access granted through the use of identifier and authenticators must be revoked immediately upon separation from the University and/or the revocation of individual’s need to access such information..

Entities Affected By This Policy

All individuals at the University

Contacts

Assistant Director of Information Security 217-581-1904

Principle

User Identification and Authentication

  • All information resources allowing access to internal, protected and/or nonpublic information must have the ability to uniquely identify and authenticate users
  • Any information resource allowing access to internal, protected and/or nonpublic information must utilize unique identifiers for each individual accessing the resource that meet, at minimum, the standards outlined below
  • Any information resource utilizing unique identifiers to allow access to internal, protected and/or non-public information must also utilize unique authenticators that meet, at minimum, the standards outlined below

Device Identification and Authentication

  • All information systems connecting to non-public sections of the University network must be uniquely identified and authenticated for such access
  • Identification and authentication of information resources may be handled through:
    • Media Access Control (MAC) address registration
    • Network Access Control (NAC) technologies utilizing user authentication

Identifier Management

  • All user identifiers must uniquely identify individual users
  • User identifiers may only be granted after verifying the identity of the user through the Banner system following established University procedures for new hires, new students, third-party access, etc.
  • Access to information systems granted to user identifiers may only be made after receiving authorization from an appropriate University official.

For example:

    • General access may only be granted once an individual is entered into Banner as in an active state
    • Access to Internet Native Banner data may only be granted if requested by the appropriate Data Custodian
    • Access to select Self-Service Banner data may only be granted if requested by the appropriate Data Custodian
    • Access to departmental information resources may only be granted if requested by an individual within the department with appropriate authority
  • User identifiers established for individuals may only be given to the individual and the individuals direct supervisor (faculty and staff) or the individuals documented academic advisor (students)
  • User identifier access must be disabled upon the individual’s separation from the University, unless:
    • Continued access has been granted in University policy
    • Continued access has been requested by a Vice President of the University
  • User identifier access to departmental or specific INB data must be removed
    • If the individual changes departments
    • If the individual changes job roles
    • If the individual no longer requires access to the information resource
  • Upon request from the individual’s supervisor or other appropriate University official
  • User identifiers must be archived once disabled and retained for a period of 6 months
  • All group identifiers must be linked to a single staff and/or faculty “sponsor”
  • Group identifiers may only be given to the individual assigned as the group “sponsor”
  • Group identifiers will remain active so only as the group account is required
    • Group identifiers must be renewed annually by group sponsor
  • Group identifiers must be archived once disabled and retained for a period of 6 months 

Related Documents

Federal Educational Rights and Privacy Act 

Supporting Policies, Procedures and Guidelines

University Network Identity Life-Cycle Policy

Banner Access Request Forms (Available from Banner Security Specialist)