Home > Policies > Shared Accounts Policy

This policy applies to all shared accounts for any Concordia University business related resources.


Account Creation

  • When requesting a new account the following items will need to be provided: display name, who needs have access and its primary use.
  • Creation of shared/generic accounts requires approval to be granted by the section/department manager.
  • Validation that an existing account providing the same function is not already present.
  • Functionality must exceed what can be accomplished by the use of an individual account.
  • Any external use or published/marketed email address associated with these accounts will need final approval from the marketing department.


Account Access

In order to provide accountability and tracking access will be granted by following specific protocols.
  • Access to shared accounts will be provided to the designated user/group once permission has been granted by the account owner or section/department manager.
  • Access will be granted to the approved user/group by assigning permissions thought the appropriate service such as Active Directory (AD) or Exchange.
  • Access will NOT be granted by providing a shared username and/or password.


Exceptions

Requests for exceptions to the above policy will be evaluated on a case by case basis. Due the inherent security risk of these types of shared accounts approved exceptions will be applied for limited time periods and granted with limited access.


Effective 07/02/2015
Policy Reviewed by {Pending Administrative Approval}
Updated by J. Flowers (07/02/2015)