The Official Web site for the Office of Information Technology - UTSA


Copyright (c) 2010. The University of Texas at San Antonio. All rights reserved.


Administrative Special Access Standard

Purpose - The UTSA Administrative/Special Access Security Standard establishes the rules for the creation, use, monitoring, control and removal of accounts with special access privileges for the maintenance of information resources. Administrative access to individual workstations is prohibited unless approved by the Information Resources Manager (IRM).

Audience - The UTSA Administrative/Special Access Standard applies equally to all individuals who have, or may require, special access privileges to any UTSA information resources.

  1. All users must sign the UTSA Information Resources Security Acknowledgement and Nondisclosure Agreement before access is granted.

  2. All users of Administrative/Special Access accounts must be provided with account management instructions, documentation, training and authorization.

  3. Each individual who uses an Administrative/Special Access account must refrain from abuse of this privilege. Periodic random audits will be conducted to ensure proper use of the account.

  4. Each individual who uses an Administrative/Special Access account must use the account most appropriate for the work being performed (i.e., user account vs. administrator account).

  5. Each account password must meet the UTSA Password Standard.

  6. The password for a shared administrator/special access account must be changed when a password holder leaves the department or UTSA, or upon a personnel change of the vendor assigned to a UTSA contract.

  7. If the system has only one administrator, there must be a password escrow procedure in place so someone other than the administrator can gain access to the administrator account in an emergency situation. The procedure will be audited on a regular basis.

  8. When Special Access accounts are needed for audit, software development, software installation or other defined need, they:

    1. must be authorized by the system owner, IRM or Information Security Officer (ISO);

    2. must be created with a specific expiration date;

    3. must be removed when work is complete.

  9. The use of privileged commands must be traceable to specific individuals via the use of comprehensive logs.
