Difference between revisions of "Internal:Technology access policy amendment"

From Wikimedia District of Columbia
Jump to navigation Jump to search
(terminology)
m (ce.)
Line 6: Line 6:
 
: (b) By striking Article III, Paragraph 4.
 
: (b) By striking Article III, Paragraph 4.
 
: (c) By inserting the following as Article V – Offboarding:
 
: (c) By inserting the following as Article V – Offboarding:
:: 1. <u>Use of Protocol</u>. The offboarding protocol as defined in this Policy shall occur when an Officer, Director, employee, contractor, or volunteer is no longer serving in any role in the Corporation, and when access to Corporation systems is no longer warranted. Those who are subject to access removal pursuant to this Policy are considered "offboarded individuals."
+
:: 1. <u>Use of Protocol</u>. The offboarding protocol as defined in this Policy shall be used when an Officer, Director, employee, contractor, or volunteer is no longer serving in any role in the Corporation, and when access to Corporation systems is no longer warranted. Those who are subject to access removal pursuant to this Policy are considered "offboarded individuals."
 
:: 2. <u>Email Access</u>. The Secretary shall terminate access to any email accounts in use by the offboarded individual. To maintain continuity, it is recommended that terminated email accounts have incoming mail forwarded to a new email address, provided that no emails are sent from the terminated account.
 
:: 2. <u>Email Access</u>. The Secretary shall terminate access to any email accounts in use by the offboarded individual. To maintain continuity, it is recommended that terminated email accounts have incoming mail forwarded to a new email address, provided that no emails are sent from the terminated account.
 
:: 3. <u>Removal from Sensitive PII Tools</u>. The President shall remove access of an offboarded individual from any Sensitive PII Tools.
 
:: 3. <u>Removal from Sensitive PII Tools</u>. The President shall remove access of an offboarded individual from any Sensitive PII Tools.

Revision as of 08:46, 18 January 2016

Status: Under Review

The Technology Access Policy is amended:

(a) By striking Article III, Paragraph 3, and inserting the following as Paragraph 3:
3. Access. Individuals shall only be granted access to a Sensitive PII Tool on a need-to-know basis and with the approval of the President. Shared accounts shall be prohibited.
(b) By striking Article III, Paragraph 4.
(c) By inserting the following as Article V – Offboarding:
1. Use of Protocol. The offboarding protocol as defined in this Policy shall be used when an Officer, Director, employee, contractor, or volunteer is no longer serving in any role in the Corporation, and when access to Corporation systems is no longer warranted. Those who are subject to access removal pursuant to this Policy are considered "offboarded individuals."
2. Email Access. The Secretary shall terminate access to any email accounts in use by the offboarded individual. To maintain continuity, it is recommended that terminated email accounts have incoming mail forwarded to a new email address, provided that no emails are sent from the terminated account.
3. Removal from Sensitive PII Tools. The President shall remove access of an offboarded individual from any Sensitive PII Tools.
4. Removal from Servers. The President shall terminate the shell accounts of an offboarded individual. The President at his or her discretion may delete the offboarded individual's home directory and files.