Policies and Procedures Banner Text Only Tool

19.09 / Network/System Administrators

Purpose:
The purpose of this statement is to set forth University policy with regard to the responsibilities of a Network/System Administrator employed by Wichita State University.

Preamble: 
The increased use of networked systems as a necessary means of managing information, reducing cost and increasing productivity requires that policies be developed.  This policy sets forth the responsibilities and expectations of a Network/Systems Administrator (hereafter "N/S A") employed by Wichita State University. 

Policy Statement:

1.  The N/S A is responsible for the security of information stored on his/her networks or systems.

2.  The N/S A must take appropriate and reasonable steps to inhibit attempts to obtain unauthorized copies of computer software, computer data, and/or software manuals.

3.  The N/S A must take appropriate and reasonable steps to make certain that the number of simultaneous users of software does not exceed the number of original licenses purchased.

4.  The N/S A should take steps to insure that assigned passwords are nontrivial and give users guidelines for choosing strong passwords.

5.  The N/S A must take appropriate and reasonable steps to assure that access to his/her computer operations areas are restricted to those responsible for operation and maintenence. 

6.  The N/S A must take appropriate and reasonable steps to assure that default passwords shipped with servers, operating systems software or applications are changed when the hardware or application is installed or implemented.

7.  The N/S A must take appropriate and reasonable steps to assure that special access to information or other special computing privileges are used only in performance of official duties.

8.  The N/S A must take appropriate and reasonable steps to assure that gaining unauthorized access to a system (or area of a system) through the use of knowledge gained during a previous position at the University is prevented.

9.  The N/S A may not give access to any user on a system for which the N/S A is not an administrator.

10.  The N/S A must take appropriate and reasonable steps to assure that computer installations will have defined procedures for maintaining data integrity during hardware repair, and that a schedule of preventive maintenance for the computer systems is established where appropriate. 

11.  The N/S A should install fixes/patches to known operating system problems as expeditiously as possible.

12.  The N/S A must take appropriate and reasonable steps to assure that sessions with root or other privileged access must be logged off to a point that requires a new log-on whenever the user leaves the work area.

Implementation:
This policy shall be included in the WSU Policies and Procedures Manual and shared with appropriate constituencies of the University.

The Chief Information Officer shall have primary responsibility for publication, dissemination and implementation of this University policy.

Effective Date: 
July 22, 2003

Click the left half to go to Chapter 19. Click the right half to go to the Table of Contents. Chapter 19 Table of Contents