Corporate Accounts Procedure
Version 2.0
For Students, Faculty, Staff, Guests, Alumni
Purpose
The purpose of this procedure is to instruct members of the Fordham community on how to request and manage corporate email accounts.
Scope
This document and all policies referenced herein shall apply to all members of the University community, including faculty, students, administrative officials, staff, alumni, authorized guests, delegates, and independent contractors (the “User(s)” or “you”) who use, access, or otherwise employ, locally or remotely, the University’s IT Resources, whether individually controlled, shared, stand-alone, or networked.
Procedure Statement
- Request to create a corporate account email by contacting the IT Service Desk or creating a ticket through ServiceNow.
- Request only one corporate account per ticket.
- The requestor must provide at least three possible account names (e.g., JohnDoe123, JohnDoe999, JohnDoe_456).
- The requestor must provide at least one valid full phone number (i.e., 555-555-5555, +1 555-555-5555).
- Transfers or deletion of corporate accounts should be requested via a ticket through ServiceNow.
- After creating an account, adding or removing phone numbers should be requested via a ticket through ServiceNow.
- Ownership of the corporate account should be audited annually.
- Phone numbers associated with the corporate account should be audited annually.
Note:
- The IT Service Desk creates corporate accounts in Banner, and Talend processes the account and publishes it to Active Directory (AD).
- Multi-Factor Authentication for corporate accounts is created manually by Information Security and Assurance.
- All service accounts are corporate accounts (s-admin).
Types of corporate accounts
- Corporate accounts for single application/administrative use (e.g., MFA-admin is a superuser account to manage applications, including billing).
- Corporate accounts for sending emails on behalf of a department or group.
- The owner of the account needs to manage the delegation.
- Provision/de-provision/reprovision rules need to be applied when the ownership changes.
- Club accounts are for student use. The owners of these accounts need to share the password with club supervisors.
- Club supervisors' phone numbers must be added to Duo.
- Adding and removing the second factor (i.e., phone number) in Duo may happen frequently and must be audited.
- The owner may need to add multiple accessible phone numbers because they share many members' accounts.
- Delegate email accounts (e.g., Infosec) are used on behalf of one main account and forwarded to individual email accounts, but a separate login is unnecessary.
- The delegate account owner needs to change passwords,
- Keep track of who's in the group, and
- Use the de-provisioning procedures to re-assign the account owner.
Definitions
IT Resources include computing, networking, communications, application, and telecommunications systems, infrastructure, hardware, software, data, databases, personnel, procedures, physical facilities, cloud-based vendors, Software as a Service (SaaS) vendors, and any related materials and services.
Related Policies and Procedures
Implementation Information
Review Frequency: | Triennial |
---|---|
Responsible Person: | Senior Director of IT Security Operations and Assurance |
Approved By: | CISO |
Approval Date: | March 8, 2022 |
Revision History
Version: | Date: | Description: |
1.0 | 03/08/2022 | Initial document |
2.0 | 02/09/2023 | Replaced EasyVista with ServiceNow |