4000-4-8 Account Life Cycle

Policy

Lambton College has a responsibility to keep an accurate and timely account registry to protect the personally identifiable information, the integrity of critical infrastructure, and to maintain cost effective infrastructure and licensing. This policy applies to all applications, students, former students, alumni, employees, former employees, retirees, and third parties of Lambton College. Account access applies to all systems such as, but not limited to, operation systems, databases, applications, devices, cloud applications, and stand-alone devices.

This policy governs the procedures for the creation, maintenance, licensing, and termination of IT accounts for various user groups at Lambton College. The primary objective of this policy is to ensure the security, efficiency, licensing compliance, and accountability of IT account management.

Applicants

1. Applicant accounts serve as a gateway for individuals seeking enrollment at Lambton College. They provide access to application status and related information during the selection process.
   1. Account Creation: Applicant accounts will be created upon submission of an application for enrollment.
   2. Account Access: Applicants will have access to application status and relevant information during the admission process. This will include email and myLambton access.
   3. Account Pickup: Applicants are emailed their account information to their preferred personal email address.
   4. Account Maintenance: Applicant accounts will remain active for the duration of the application and selection process.
   5. Account Termination: Applicant accounts will be disabled after two (2) years from the date of application.

Students

1. Student accounts facilitate access to essential academic services and resources for enrolled students, streamlining the educational experience.
   1. Account Creation: Students who move from an Applicant to a Student are done so automatically through registration processes.
   2. Account Access: Students will have access to course registration, academic resources, and student services.
   3. Account Pickup: Student accounts and credentials will be distributed during orientation or provided electronically upon enrollment confirmation.
   4. Account Maintenance: Support staff accounts will remain active during employment.
   5. Account Termination: Accounts will be disabled immediately upon termination, resignation, or end of contract. Access may be provided for thirty (30) days as a grace period to ensure that all hours are entered, all work has been submitted, and employee/student inquiries are responded to.

Employees

Support Staff

1. Support staff accounts provide access to essential tools and systems needed for the efficient functioning of departments and administrative tasks.
   1. Account Creation: Support staff accounts will be created upon successful onboarding.
   2. Account Access: Support staff will have access to departmental and administrative tools necessary for their job responsibilities.
   3. Account Pickup: Support staff will receive their account credentials during the onboarding process through the HR or IT Department.
   4. Account Maintenance: Student accounts will be active for the duration of their enrollment. Accounts will be disabled upon graduation or withdrawal.
   5. Account Termination: Student accounts will be migrated to Alumni after thirty (30) days after graduation or withdrawal.

Faculty

1. Faculty accounts grant access to teaching and research resources, enabling educators to deliver quality instruction and conduct research effectively.
   1. Account Creation: Faculty accounts are generated by having a valid person, payroll, and employee record entered by Human Resources. A signed and completed offer must be received by Human Resources.
   2. Account Access: Faculty will have access to teaching and research tools, as well as administrative resources as required.
   3. Account Pickup: Faculty will receive their account credentials as part of the onboarding process through the academic or IT Department.
   4. Account Maintenance: Faculty accounts will remain active during their employment.
   5. Account Termination: Accounts will be disabled immediately upon retirement, resignation, or end of contract. Access may be provided for one-hundred thirty (130) days as a grace period to ensure that grades can be posted, student inquiries responded to, and communication with the College regarding future contracts.

Administration

1. Administrative accounts provide access to essential tools and systems needed for the efficient functioning of departments and administrative tasks.
   1. Account Creation: Administrative accounts will be created upon successful onboarding.
   2. Account Access: Administrative staff will have access to departmental and administrative tools necessary for their job responsibilities.
   3. Account Pickup: Administrative staff will receive their account credentials during the onboarding process through the HR or IT Department.
   4. Account Maintenance: Administrative accounts will remain active during employment.
   5. Account Termination: Accounts will be disabled immediately upon termination, resignation, or end of contract. Access may be provided for thirty (30) days as a grace period to ensure that all hours are entered, all work has been submitted, and employee/student inquiries are responded to.

Retirees

1. 6. Employees who retire from Lambton College retain email access for ninety (90) days as a grace period to assist with the transition. After the ninety (90) days, retires do not retain any email access.

Third Party

1. Lambton College, at its sole discretion, may create accounts for contractors or other third parties to perform work or for collaboration with the College. Any third party will require a College contact that is responsible for establishing the identify of the individual and submitting a third party access request form to the IT Service Desk.
   1. Account Creation: Third party accounts (e.g., contractors, vendors) will be created upon approved request by the responsible department or project manager.
   2. Account Access: Third party accounts will have access to specific systems or resources as outlined in their access request.
   3. Account Pickup: Third party users will receive their account credentials from the department or project manager who requested the access.
   4. Account Maintenance: Third party accounts will remain active for the duration of their authorized access. Regular reviews of 3rd party accounts will be conducted to ensure ongoing necessity.
   5. Account Termination: Third party accounts will be disabled at the end of the requested date to a maximum of six (6) months. Any requests to extend this access must come from the College contact.

Account Security

1. All user groups are responsible for safeguarding their IT account credentials and adhering to password policies. Account access will be restricted based on the principle of least privilege, granting users only the necessary access to perform their job functions. Requests to increase access will be sent to the Information Technology Department for review and may require additional approval.
2. All accounts at Lambton College are required to have multi-factor authentication (MFA) enabled. Any exemptions for multi-factor authentication will be approved by the Director of Information Technology and documented for the exemption if approved.

Licensing Compliance

1. Accounts shall be assigned the appropriate licenses based on user group requirements and organizational licensing agreements. Additional license requests will be sent to the Information Technology department for review and may require additional approval.