Student Employee Access to Administrative Systems
MEMORANDUM / Request Form
To: Directors, Administrative Departments September 2009
Subject: Student Employee Access to Administrative Systems
1. Information Technology policy states that individuals categorized as active students of the college are prohibited from direct logon access to the administrative data systems on the administrative portion of the network. Administrative data systems include the Peoplesoft Enterprise Reporting Planning (ERP), AdvanceC/S, Housing Director, Safety & Security (REX), Dining Center (IAS), Bookstore (PRISM), Library(I3 and Muscat), Events (R25/S25), Card Access (Pinnacle), and Outlook/Exchange. These systems (and any new IT supported system in the future) require greater data security and system security controls and protections.
2. Infrastructure Computing/IT designs and establishes positive network access logon control measures to implement this policy in accordance with other IT policies, such as the Network Use Policy. Other IT departments design and establish positive application logon access control measures implementing this policy complimenting the multi-layer security posture. Exceptions to this policy are authorized on a case-by-case basis, but must be closely monitored by IT and the Division(s) requesting an exception.
3. The College has permitted the use of students as employees in many administrative offices; therefore increasing the demand for access to Administrative data systems. In order to permit efficient access and to prevent security breaches, such as an employee using their logon for students, the following procedures are authorized as an Exception to this policy:
Department Directors (not delegated) can request an exception of policy from the Vice President for Information Technology using attached web memo for each named student employee. The web memo will be emailed directly to VP, Information Technology. This email will automatically generate a Helpdesk request.
Exception will only be for the period of time that the student actually works in the department's office, and cannot exceed the end of academic term. All access will be promptly deleted at end of term.
Exception cannot be transferred to another office if the student transfers. Exception cannot cover more than one office; a second request must be submitted if student works in two or more administrative offices.
Summer employment and winter break by Gettysburg College students is assumed to be a new academic term for this policy.
Note: Students of other colleges, schools or temporary employs working for the summer will be treated as casual employees, not covered under this policy.
Students will sign a Confidentiality Statement prior to access and original copy will stay in Human Resource office, Penn Hall.
Department Functional Analyst (cannot delegate) will be responsible for granting student access to the local workstation and removing access at the end of term or period of employment. Instructions for adding student(s) to the local administrator account on each workstation will be provided by Infrastructure Computing/IT.
4. All requests approved for a term, or period of time, will automatically end at close of business last day of the academic term, (normally the last day of 'finals') and IT will immediately remove student logon access to all administrative data systems.
5. Any system incident, negligence, abuse, breach of security access, mis-use or compromise of data, or attempt to access any administrative computing system outside of the administrative office's area of supervision for any reason will immediately terminate the student employee's access authorization, as well as result in a referral to Student Judicial Review board according to the IT Network Use Policy.