Administrative Access Policy

Purpose

Administrative access refers to accounts with the ability to modify computer hardware and operating system settings, which are above the level of a regular user’s abilities on the given system. Some systems may refer to this as “root”, “administrator”, or “elevated” access. Such access must be monitored to ensure university computer systems maintain an expected level of security and reliability.

Computers and computerized systems (including single-service “appliances” like routers or file servers) have levels of privilege for different users. In the simplest case, a system may have only two levels: administrator and no access. Most systems have multiple levels, including regular accounts and administrative logins which can perform configuration and affect the other accounts. The UF Acceptable Use Policy requires that all computer systems have authentication, authorization, and auditing (eg. logs) for every account and device on the UF network.

Scope

This document applies to faculty, staff, students, and other personnel associated using CLAS-managed computers.

Policy

Administrator Requirement

Within CLAS, it is the policy that every system, whether it is hardware or software, shall have a responsible administrator, and that the administrative access shall be granted on a least-privileges basis. The least-privileges principle says that each person should only have the access which is necessary to perform their required tasks.

Who Can Have Access

Persons with administrative access to a hardware or software system have a “Position of Special Trust”, and additional responsibilities which go with that trust.

Administrative access is typically the responsibility of professional IT staff, departmental computer contacts, and occasionally other individuals by special arrangement with the unit Information Security Manager (ISM). Users who have Unix/Linux operating systems or who provide services from their computers must understand and comply with the server network connection policy, for example.

Administrative Access Backup Requirement

Any person who has administrative access must be approved for access, and they must also have at least one backup person who also has, or can get, the access information for a given system. For multi-person IT shops, the various administrators may back each other up. For single-person shops, and those without a formal IT job designation, they may elect to provide access information (including, but not limited to, passwords) to their administrative supervisor, a peer, or an IT person at a higher administrative level.

Not all people who hold backup copies of access information are trained to use it, themselves. They may merely hold onto it in case of disaster, employee turnover, etc. Access information in the hands of non-technical people may be written or typed on paper in a sealed envelope marked “For Emergency Use Only”, or locked in a safe with access limited to the administrator and their backup(s).

Even in shops with multiple administrators, it is wise to have a written copy of their access information, especially given that employee turnover and reliable systems may cause such information to go unused, and the administrator(s) will forget passwords through dis-use. There is also the issue of mass outages of staff during or after a disaster, when the primary and backup administrators coincidentally cannot be present when a system needs to be accessed.

Responsibilities

  • Failure to adhere to this policy can result in notification of your computer contact or your supervisor. In case of potential violations of UF policy, the UF Administration may be notified.

More Information

  • Any questions about administrative access should be directed CLAS IT or the UF CIO Office.

Last revised: September 18, 2009.