1.0 Purpose
This policy provides guidelines for appropriate user account privilege settings used during normal computer operations.
Computer security is the primary driving force behind this policy. In recent years the hackers have significantly increased their ability to compromise systems, making these systems participants in illicit activities or resulting in them being vulnerable to harvesting of institutional data or intellectual property. The majority of daily business related computer operations do not require administrator (privileged) account access because few individuals need to install or update applications every day. Most programs (of particular concern are web browsers) run at the same privilege level as the active user account. Even a well maintained system may be vulnerable to recently developed attacks. If the program is running with administrative level permissions, the compromise potentially has unfettered access to all system files and system resources.
2.0 Scope
This policy covers all systems connecting to College of Engineering networking resources, systems owned by the College of Engineering or systems accessing and/or storing College or University owned data.
3.0 Policy
To comply with this policy, users of computer systems must:
4.0 Enforcement
Violation of this policy may result in termination of network access. Furthermore, any employee found to have violated this policy may be subject to disciplinary action by their Administrative unit, the College, or the University.
5.0 Definitions
Terms |
Definitions |
Administrative Level Privileges |
The highest level of permission that can be granted to a computer user. This level of permission normally allows the user to install software, manage the system, and change configuration settings. |
Privilege escalation software |
A program that elevates the privilege level of a program or group of programs above that of the user. |
6.0 Revision History
Last updated: 9/10/2009
ECS is designing for the future.