The Information Technology Services (ITS) department is committed to providing members of the State University of New York at Fredonia ("Fredonia") community with reliable, secure, and user-friendly technology in stable operating condition. In an effort to appropriately address the needs of the faculty and staff, ITS provides, on a per-request basis, local computer administrator privileges for individual university owned computers in accordance with regulatory compliance.
NOTE: An approved Computer Administrative Privileges Request Form is valid 2 years from the date of approval by the Information Security Officer or designee. Requestors will need to renew their privileges by completing this form again if they wish to maintain their access. Additionally, approved Administrative Privilege account holders will be required to use Duo Security for all console (sitting at your computer) and remote access to the approved computer.
Levels of Access
There are two security access levels to a Fredonia owned computers:
• User - Allows a great deal of powers to perform normal daily computing functions. The user access level will generally assure the highest level of stability for your computer.
• Administrator - Allows the computer operator to have complete and unrestricted access level rights on their individual workstations. This includes the ability to install any hardware or software, edit the registry, manage the default access accounts, and change file level permissions.
Risks & Assumptions
The assumption of local computer administrative privileges on a Fredonia computer carries certain inherent responsibilities. Care must be taken due to potential threat of compromise and compliance with Federal, NYS, and SUNY regulations.
- Data Security - Fredonia computer users who are granted administrative privileges should be aware that using an account with administrative privileges makes the user computing environment extremely susceptible to spyware, viruses and potentially damaging security breaches.
- Regulatory Compliance - Fredonia is bound by Federal, New York State (NYS), and State University of New York regulations to protect our sensitive data (Category II & III data) from unauthorized use (FERPA, HIPAA, GLBA, NIST 800-53, NIST 800-171, SUNY Procedures 6900 etc.).
- Software Licensing & Copyright Laws - Fredonia computer users who are granted administrative privileges should be aware of copyright restrictions and licenses placed on ALL software installed on their systems as well as being aware that there exists severe criminal and civil penalties for noncompliance. University computer users do not have the authorization to agree to any software terms and conditions (e.g. End User License Agreements) on behalf of the University. Agreeing to End User License Agreements while installing software on university owned computers may subject the institution to laws of foreign countries and or states other than New York.
Requesting Computer Administrative Privileges
By default all members of the University community using NYS owned computers are granted "User" access level on their individual workstations. ITS provides local computer administrator access on an as requested basis only for Fredonia employees on individual computers based on a valid business case.
Step 1: Employee completes the Computer Administrative Privileges Request Form and sends it to the Information Security Office (ISO) located in Maytum 117.
Step 2: The ISO will create a Tracker ticket and complete the Computer Administrative Privileges Request Form performing a security review then issue either an approval and denial.
Step 3: If the request is approved, the ISO will notify Human Resources to issue the FredTraining Course: Computer Administrator Privileges Policy to the requesting employee. Once the requesting employee has successfully completed the course and submitted (attach to Tracker ticket or mail) the Certificate of Completion to the ISO, the requesting employee’s eServices account will be added to the Local Computer Administrative Privileges List. The completed form will be attached to the ticket notifying the requesting employee and the ITS Service Center.
Please contact the Information Security Office (673-4725) should you need any assistance.