Purpose
University of Maryland Global Campus ("UMGC" or "University") provides certain individuals network accounts to allow secure access to UMGC Information Technology (IT) Resources. The purpose of this Policy is to establish a consistent set of rules and requirements for the creation, administration, and disabling of access to University Accounts (as defined below) issued to individuals who have applied for admission to UMGC, are or have been enrolled in credit or non-credit courses through UMGC, and individuals who have completed a degree or certificate program at t 黑料社区 (the "UMGC Learner Community") in order to ensure optimal use of resources while maintaining network security.
Scope
This Policy applies to all individuals including Contractors who are responsible for the creation, management and/or administration, and disabling of University Accounts for the UMGC Learner Community. A separate policy,聽UMGC Policy X-1.19B 鈥 Account Management (UMGC Workforce), applies to the administration of Accounts for those individuals.
The creation of and access to Accounts will be based on internal administrative guidelines maintained by UMGC and applicable Contractors.
Information System Stewards shall review Accounts on a periodic basis to determine that the level of User access to these Accounts is appropriate and consistent with the concept of Least Privilege.
UMGC and applicable Contractors, shall ensure that access to IT Resources is disabled when access is no longer required.
Enforcement
Anyone with knowledge of an alleged violation of this Policy should notify Information Security as soon as practicable.
Any employee, Contractor, or other third-party who violates this Policy may be subject to disciplinary action, up to and including termination of employment or contract.
Standards References
USM IT Security Standards, v.5, dated July 2022
NIST SP 800-171r2 鈥淧rotecting Controlled Unclassified Information in Nonfederal Systems and Organizations鈥, dated February 2020
Cybersecurity Maturity Model Certification (CMMC), v.2.0, dated December 2021