Information Technology Services

Service Catalog       CIO       ITS Hours       Contact       Site Map                   

• About ITS
• Accounts
  • New NetID
  • NetID Information
  • Other Accounts
  • Password FAQ
  • Change Password
• Communication Services
  • Voice Communications
  • Voice Services Forms
  • Cellular
  • Cellular Calling Plans
  • Long Distance
  • Calling Cards
  • Pagers
• Computer Labs
  • Pods & Classrooms
  • Location Map
  • Hours
  • Holiday & Break Hours
  • Classroom & Conference Scheduling
• Email
  • Email Access
  • Webmail
  • Mailing Lists
  • Targeted Mailings
  • Spam
• General Services
  • Backup & Recovery
  • Calendar
  • Conferences
  • Equipment Recycling
  • Hardware Maintenance
  • Instructor Evaluation
  • Surveys & Elections
  • Test Scoring
  • Vendors
  • Web Authoring
  • Other Campus IT Services
• Network & Internet
  • Blocked Ports
  • Branch Network
  • Dialup
  • National Lambda Rail
  • Network Backbone
  • Network Tools
  • On Campus
  • Resnet
  • Wireless
• Documentation
  • Design Guidelines
  • Instructional Guides
  • Quick Refs
• Security
  • Best Practices
  • Credit & Identity
  • Malware Information
  • Report Incident
  • Security Information
  • Virus Information
• Software
  • Software Distribution
  • Supported Software
  • Downloads
• Support
  • ECC
  • FastInfo
  • Connect UNM (Login)
  • Support Center
  • Training
  • Contacts
• System Status
  • ITS Alerts
  • ITS Voice Alerts
  • ITS Network Alerts
  • Link Alerts
  • sysinfo-l

NetID Account Locking and Unlocking Policy

As the first level of intervention, and to protect the UNM’s computer systems and resources, as well as personal and administrative data, Information Technology Services (ITS) will lock NetID accounts for the following reasons:

• compromised or stolen account
• compromised password
• misuse/abuse of system or network resources (third event)
• harassment
• printing sexually explicit images on ITS printers
• violations of UNM’s Acceptable Computer Use policy in ITS computer pods
• BSA or manager/supervisor request
• department/organization account violations
• attempts to defeat ITS security
• multiple or varied off-site logins
• delinquent pay-for-use accounts
• post-reinstatement violations

ITS reserves the right to lock NetID and other UNM computer accounts, and to require violators undergo education and training on the proper use of their accounts. In addition, ITS will provide violators with a copy of UNM’s Acceptable Computer Use policy in either electronic or hard copy form. Certain locking violation could also result in disciplinary action by the University or in criminal prosecution.

Compromised or Stolen Accounts

ITS immediately locks an account if there is adequate reason to believe the account has been compromised or stolen by an intruder.

Examples of adequate reason include existing evidence that the owner is not using the account, and the presence in the account of programs used exclusively for breaking computer security or damaging computer systems.

Following are specific situations that might indicate an account has been compromised or stolen and that could result in the locking of the account:

• A customer reports to ITS that he or she cannot run the Create a New NetID program because someone else has already created an account using his or her identity.

• The Security Administrator, the UNIX Coordinators or systems personnel notice abnormal login activity, such as one account being logged into simultaneously from multiple sites, or a customer telling ITS that someone was bragging about stealing an account. The legitimate account owner must contact the Security Administrator or the UNIX Coordinators to have the account unlocked.

• An account is used locally during a period of time when the owner has notified the Security Administrator, the ACF2 Administrator or a Business Security Administrator (BSA) that he or she is on vacation or otherwise absent. The legitimate account owner must contact the Security Administrator or UNIX Coordinators upon returning to have the account unlocked.

• A user attempting to log in to an ITS machine from off-site is unable to provide the personal information required by the verification shell.

• A BSA believes that an administrative account has been compromised and asks ITS to lock the account. The legitimate account owner must contact the ACF2 Administrator, the BSA or the Security Administrator to have the account unlocked.

• An MVS, IDMS and TSO account has not been used for six months. Such accounts will be locked and eventually deleted, regardless of whether the owner is still at UNM. After an account is removed, the user must contact the designated BSA to reapply for access.

Back to Top

Compromised Password

Accounts whose passwords have been compromised will either be locked or placed in the verification shell. Upon the next login attempt, the verification shell will require the person to enter personal information that should be known only to the legitimate account owner. If the individual cannot provide the correct information, the account will be locked. The account owner must contact ITS Computer Accounts (277.8130) to have the account unlocked.

Back to Top

Misuse/Abuse of System or Network Resources (Third Event)

A third incident of misuse or abuse of ITS system or network resources will result in the temporary or permanent account locking, depending on the nature of the violations. Certain kinds of misuse or abuse could result in disciplinary action by the University.

Examples of system/network misuse and abuse include, but are not limited to, the following:

• repeatedly leaving an email spool so large that no other users on the system can receive mail
• repeatedly exceeding disk space allocations
• using a UNM NetID account to sell or otherwise distribute copyrighted materials through electronic means, such as Web pages, FTP, email, etc.
• repeatedly writing programs that allocate huge amounts of memory
• using a NetID account to send email chain letters
• rendering ITS computers or the accounts of other NetID holders unusable

First and Second Warning

After the first incident, ITS will send an email to the account holder warning them of the violation. The account holder will also be provided with a copy of UNM’s Acceptable Computer Use policy.

If the account holder commits a second violation, ITS will send a second warning email. The offender will be required to certify by email that they have read and agree to abide by the UNM’s Acceptable Computer Use policy.

After each violation a UNIX Coordinator will contact the account holder by email and explain how the offending activities caused a problem for ITS’s systems. These emails are CC ’d to the ITS Security Administrator.

Third Event

After the third incident of misuse or abuse, ITS will lock the account. A report of the violation will be forwarded to the Dean of Students Office, the Office of the Provost or the staff supervisor for possible disciplinary action. The offender must contact the ITS Security Officer to receive training on the proper use of his or her account and must sign a User Reinstatement Form.

Back to Top

Harassment

If a NetID holder receives harassing email from another NetID holder, ITS will lock the offender's account if:

• the incident of harassment has rendered the victim’s account unusable, or
• the harassment is a documented second offense.

ITS will make an effort to contact the offender before locking the account and attempt to resolve the situation. In addition, ITS will provide the victim with information on how to respond to harassing emails and deter future harassment.

Victims of harassment are advised to:

• Keep copies of all emails to and from the harasser.
• Reply clearly and rationally to the harasser that you do not want to receive any more emails from that person.
• Refrain from engaging the harasser in a prolonged, back-and-forth correspondence.
• Notify the Assistant Dean of Students if the harasser is a student or the staff supervisor if the harasser is a UNM employee.
• Notify the police if you feel in danger or are aware of illegal activity involving the harasser.

Back to Top

Printing Sexually Explicit Images on ITS Printers

NetID holders who are observed by ITS Operators using ITS printers to print sexually explicit images could have their accounts locked. The Director of Central Systems and Operations Support (CSOS) will verify the offense with the ITS Operator before reporting it to ITS for account locking. The account owner must contact the Director of CSOS before asking ITS to unlock the account.

Back to Top

Violations of UNM’s Acceptable Computer Use Policy in ITS Computer Pods

ITS computer pod managers may request that an account be locked for violations of UNM’s Acceptable Computer Use policy observed in ITS computer pods. The pod manager will email or meet with the offender to educate him or her about proper use as outlined in the Acceptable Computer Use policy.

Examples of violations that could result in account locking include:

• game playing on ITS computers during restricted hours
• malicious or repeated misuse of pod or ITS resources or equipment
• printing sexually explicit material, if it can be viewed by others, or refusing to remove sexually explicit images from the workstation screen, if images can be viewed by others.
  
  Note: Printing sexually explicit images on ITS printers is a locking violation.

The pod manager will send an email to the offender summarizing their meeting. This email is CC ’d to the ITS Security Administrator, and the Dean of Students, the Office of the Provost or the offender’s supervisor.

Back to Top

BSA or Supervisor/Manager Request

If a UNM employee is leaving the university under administrative leave, his or her manager/supervisor, or the BSA for that department, may request that the employee’s NetID account be locked. Requests may be phoned in to ITS Security or ITS Computer Accounts for immediate locking. The manager/supervisor or BSA must follow up the request with an email or other documentation describing the reason for the locking request.

Back to Top

Department/Organization Account Violations

Department or organization multi-user accounts are subject to locking for any of the violations listed in this policy. Unlocking a multi-user account could take longer than an individual’s account because the investigation process is more complex. The designated department or organization representative must contact the Security Administrator, the BSA or the UNIX Coordinators to have the account unlocked.

Back to Top

Attempts to Defeat ITS Security

ITS will lock the account of any NetID account holder who is discovered to have defeated, or attempted to defeat, ITS security, auditing or accounting. Potential violations include scanning systems for vulnerabilities, attempting to access a protected data set, or modify a system file. ITS will report the violation to the Dean of Students Office, the Office of the Provost or the staff supervisor for appropriate disciplinary action.

Back to Top

Multiple or Varied Off-Site Logins

NetID accounts with multiple or varied off-site logins will be placed in the verification shell. Upon the next login attempt, the verification shell will require the user to enter personal information that should be known only to the legitimate account holder. If the user cannot provide the correct information, the account will be locked. The user must contact ITS Computer Accounts to have the account unlocked.

Back to Top

Delinquent Pay-for-Use Accounts

If a pay-for-use account is 90 days past due, and no payment is received within the next 30 days, the account will be locked. The account holder must contact the Director of CSOS to request reinstatement of the account.

Back to Top

Post-Reinstatement Violations

NetID account holders who commit a second locking violation after signing a User Reinstatement Form may be subject to losing their ITS computing privileges permanently. The violation will be reported to the Dean of Students office, the Office of the Provost or the staff supervisor for possible disciplinary action.

Back to Top

The University of New Mexico, Albuquerque, NM 87131, (505) 277-0111
Copyright © 2005 The University of New Mexico. See our Standard Disclaimer and Copyright Information Page.
In accordance with the Americans with Disabilities Act, the information in this site is available in alternate formats upon request.
Comments to ITS Web Team