Purpose

This document outlines the responsibilities and obligations an end-user assumes if granted administrative privileges on their University-provided computer(s). By default all end-user computers provided by the University at Penn State Wilkes-Barre will be configured to operate in least-privilege mode. In the event the end-user's work requires administrative privileges, this document outlines the conditions under which that access will be provided.

Scope

This policy applies to all Penn State Wilkes-Barre full-time and part-time faculty, staff and students. Administrative privileges will only be granted when there are extenuating circumstances and will be limited to the amount of time that Information Technology staff believes is necessary to solve the problem.

Definitions

Remediate - correct or make right.

Policy

Completion of the Administrative User Rights Agreement is a requirement to be given administrative rights on a University owned computer. This agreement must be renewed annually.

Guidelines

Usage of Penn State computer systems, software, and network services acknowledges agreement by the user to comply with all applicable University and Penn State Wilkes-Barre policies including, but not limited to Guideline ADG08 COLLECTION, STORAGE AND AUTHORIZED USE OF SOCIAL SECURITY NUMBERS AND PENN STATE IDENTIFICATION NUMBERS, Policy AD95 - INFORMATION ASSURANCE AND IT SECURITY, Policy AD96 - ACCEPTABLE USE OF UNIVERSITY INFORMATION RESOURCES, Policy AD53 PRIVACY POLICY, AD57 General Regulations on Use of University Property. These policies may be referenced at https://guru.psu.edu/POLICIES/.

Penn State Wilkes-Barre systems are subject to electronic auditing by Penn State Wilkes-Barre Information Technology Services staff.

Specific user responsibilities include:

  1. Read and agree to abide by all applicable University and Penn State Wilkes-Barre policies including, but not limited to Guideline ADG08 COLLECTION, STORAGE AND AUTHORIZED USE OF SOCIAL SECURITY NUMBERS AND PENN STATE IDENTIFICATION NUMBERS, Policy AD95 - INFORMATION ASSURANCE AND IT SECURITY, Policy AD96 - ACCEPTABLE USE OF UNIVERSITY INFORMATION RESOURCES, Policy AD53 PRIVACY POLICY, AD57 General Regulations on Use of University Property. These policies may be referenced at https://guru.psu.edu/policies.
  2. Agree not to share account IDs or passwords or use the account IDs and passwords of another user.
  3. Penn State computer systems, software, and network services are to only be used by authorized Penn State faculty and staff for University business.
  4. Comply with all software license agreements governing installed software. (Please consult campus ITS staff with questions or concerns.)
  5. Agree to not alter system hardware, software, or network configurations to prevent access by Penn State Wilkes-Barre ITS staff or the operation of campus security applications.
  6. Assume sole responsibility and accountability for the system's operation, any software installed, and its interaction with campus and university networks.
  7. Agree to periodic inspection of the University owned device by the campus ITS staff to ensure compliance with University and campus policies and software copyright laws.
  8. Agree to disconnect from the campus data network should any network or security issues arise concerning this system, including suspected virus activity or any network security bypass, until the issues are resolved.
  9. Agree to run the latest Spirion (formerly Identity Finder) software, remediate data and successfully pass a PII scan every 15 days. 
  10. Backup important user files.
  11. Ensure physical security of the computer at all times. (This is especially significant for laptop computers.)
  12. Agree to operate their University-owned computer in least user privilege mode for routine daily computer operations as a standard practice and only use administrative privilege when prompted as a result of user-initiated actions.
  13. Agree to inform Penn State Wilkes-Barre Information Technology Services staff if data of a higher classification level is stored on a device after their administrative access has been granted.
  14. Non-compliance with the above guidelines will result in termination of administrative access.

Administrative User Rights Agreement

  1. Attach documentation outlining the reasons for requesting administrative privileges.
  2. Determine data classification level https://security.psu.edu/info-classification-decision-tool/.
  3. Fill in USER/REQUESTOR fields on this form.
  4. Obtain your director’s signature.
  5. Forward completed form to the Penn State Wilkes-Barre IT Services office at [email protected]

This section is to be completed by the USER/REQUESTOR.

I have read and agree to abide by the Administrative User Rights Policy PSU-WB-ITS-006.

Name (please print):

Signature:

Date:

Access Account userid:

Data Classification Level:
https://security.psu.edu/info-classification-decision-tool/

This section is to be completed by the SUPERVISOR or DEPARTMENT DIRECTOR.

I approve this request for administrative user rights.

Supervisor/Director Name (Please print):

Supervisor/Director Signature:

Date:

Department:

This section to be completed by Penn State Wilkes-Barre Information Technology Services.

I approve this request for administrative user rights.

IP Address:

System Model/Serial Number:

System Location:

Data Classification Level Granted:

IT Director Name (Please print):

IT Director Signature/Date:

Date Admin Rights begin:

Date Admin Rights end: