Information Technology Services

Service Catalog       CIO       ITS Hours       Contact       Site Map                   

• About ITS
• Accounts
  • New NetID
  • NetID Information
  • Other Accounts
  • Password FAQ
  • Change Password
• Communication Services
  • Voice Communications
  • Cellular
  • Cellular Calling Plans
  • Long Distance
  • Calling Cards
  • Pagers
  • Telephones
• Computer Labs
  • Pods & Classrooms
  • Location Map
  • Hours
  • Holiday & Break Hours
  • Classroom & Conference Scheduling
• Email
  • Email Access
  • Webmail
  • Mailing Lists
  • Targeted Mailings
  • Spam
• General Services
  • Backup & Recovery
  • Calendar
  • Equipment Recycling
  • Hardware Maintenance
  • Instructor and Course Evaluation System
  • Mailing Labels
  • Test Scoring
  • Vendors
  • Conferences
  • Surveys & Elections
  • Other Campus IT Services
• Network & Internet
  • Blocked Ports
  • Branch Network
  • Dialup
  • National Lambda Rail
  • Network Backbone
  • Network Tools
  • On Campus
  • Resnet
  • Wireless
• Documentation
  • Design Guidelines
  • Instructional Guides
  • Voicemail
  • Login
  • Telephone User Guides
  • Quick Refs
• Security
  • Best Practices
  • Credit & Identity
  • Malware Information
  • Report Incident
  • Security Information
  • Virus Information
• Software
  • Software Distribution
  • Supported Software
  • Downloads
• Support
  • ECC
  • FastInfo
  • Newcomer's Guide
  • Support Center
  • Training
  • Voice Services Forms
  • Web Authoring
  • Contacts
• System Status
  • ITS Alerts
  • ITS Voice Alerts
  • ITS Network Alerts
  • Link Alerts
  • sysinfo-l

UNM Information Technology Procedures
Access to or Locking of Individual Accounts and
Computers

 

Guiding Principles

As centralized University of New Mexico (UNM) Information Technology (IT) departments, ITS and HSLIC manage accounts that provide access to electronic information stored on centralized, campus-wide business systems (e.g., ERP, email, directory, file sharing systems). As the authentication, authorization and retention authority for these systems, ITS and HSLIC's role in the case of the security incidents described below is to assist the appropriate authority in their investigative efforts and help ensure that all IT- related investigatory activities are properly supported by UNM policy and federal, state and local laws.

ITS and HSLIC do not physically confiscate or secure equipment, nor do they provide requestors with information about a pending investigation. ITS or HSLIC staff will not perform forensic analysis of information or accounts; however, they will assist the appropriate invesigating authority in gaining access to electronically-stored information so that the authority can perform forensic analysis.

Action Related to Actual or Suspected Security Incidents

Type I:  Account locking requests due to UNM disciplinary actions, actual or suspected policy violations (including misuse of IT resources) or separation from the university. Accounts to be locked could include: directories, applications, file servers, email systems, etc. Request for account locking (and subsequent unlocking as appropriate) can come from: the appropriate IT security official (for misuse of IT resources); the employee's supervisor, department chair, director or vice president or the dean of students.

Type II:  Requests for information stored in an account associated with an employee, by supervisor or policy-defined authority for non- investigative purposes. Such occasions include during an employee's leave or if an employee voluntarily separates from the university, when work-related information must be obtained. Request for information access or information recovery for non-investigative purposes can come from the employee's supervisor, department chair, director or vice president. Per UNM policy, only information clearly pertinent to the request can be accessed.

Type III:  Request for information access for involuntarily-terminated employees or for formal investigation of suspected violations of policy, federal, state, or local law. Request for information access must come, in writing, from the vice president's office that is in the reporting hierarchy of the person under investigation.

Incidents that cannot be classified into one of these three categories will be handled on a case by case basis, as appropriate.

 

rev. date 1/2006

The University of New Mexico, Albuquerque, NM 87131, (505) 277-0111
Copyright © 2005 The University of New Mexico. See our Standard Disclaimer and Copyright Information Page.
In accordance with the Americans with Disabilities Act, the information in this site is available in alternate formats upon request.
Comments to ITS Web Team