All users with administrative accounts are required to comply with the following policy as directed by the Information Security Office.
5.8 When access to a university-owned IT device's administrative account is required by someone other than an IT Support Staff member, the following exception criteria must apply:
5.8.1 Individuals must annually complete the Acceptable Use Acknowledgement form;
5.8.2 Individuals must only use the administrative account for special administrative functions and default to a lower privileged user account for other day-to-day use;
5.8.3 Individuals must review training to inform them how they can limit use of their administrative access and still accomplish their primary day-to-day functions (example: How not to Login as Administrator (and still get your job done);
5.8.4 IT System Custodians are required to periodically review the use of administrative account exceptions.
18.104.22.168 IT System Custodians will remove any administrative accounts that go unused or are no longer required; and
22.214.171.124 IT System Custodians are required to raise inappropriate use to management (e.g., staying logged in with the administrative account longer than needed).