|
Management Systems Security
Management systems at the University of Idaho, comprising several databases that include BANNER, Decision Support and FAMIS, contain data which require proper management in order to permit effective planning and decision making and to conduct business in a timely and effective manner. Much of the information contained in these databases is confidential, or at a minimum, sensitive data that requires protection (please refer to the Family Education Rights and Privacy Act for more information).
Management systems information is one of UI's most valuable resources and requires responsible use by members of the university community. UI employees are charged with safeguarding the integrity, accuracy, and confidentiality of this information as part of the condition of employment. Employees are expected to act in a manner that will ensure the information they are authorized to access is protected from unauthorized access, unauthorized use, invalid changes, or destruction. Access to management systems is granted to a particular individual based on the need to use specific data, as defined by job duties, and subject to appropriate approval. As such, this access cannot be shared, transferred or delegated. Failure to protect these resources may result in disciplinary measures being taken against the employee, up to and including termination (see ITS Computer Use Policy and Computer Use Violations (Administrative Procedures Manual, Section 32 of Chapter 30, an Acrobat PDF document)). (See the entire Administrative Procedures Manual.)
Federal and state laws and university policy restrict access to and dissemination of confidential management systems information to protect all students, faculty and staff for a variety of reasons. In addition to personal data, such as grades and salary related data being kept private, members of our community may also have compelling reasons to keep information such as addresses and phone numbers confidential to protect them from threatening situations. When a management system user accesses information that concerns these members, extra diligence is required to ensure confidentiality is protected.
The following documents will provide UI users with background data, guidelines and various policies that define the users responsibility when accessing sensitive and restricted data. Visit this site often as it is updated to include additional security measures.
Policy On Use of Computers
This is an official policy statement of the University of Idaho and as such it is binding on all faculty, staff and students at the university.
FERPA-Buckley Amendment
The Family Education Rights and Privacy Act, a federal law pertaining to student records and legal disclosures.
Account Tracking and Access Termination
Procedures for tracking employees who transfer within the university and modifying their access as needed. Includes procedures for monitoring temporary access for IH and their sponsorships, and removal of access for terminating employees.
Questions or Concerns About Security
Report a security violation or ask questions about the above policies and procedures by contacting the ITS Database Administrator.
Password Policies - General
Guidelines for creating and maintaining appropriate and confidential passwords for the Unix machines and policies on password expiration.
Password Policies - Management Systems
Additional guidelines for password creation specifically related to Management Systems, including BANNER.
Secure Screen Savers & BANNER Logoff Policy
Guidelines for creating a secure screen saver for users of the Management Systems and information about the 90-minute Banner Logoff Policy - why it was created, how it might impact you as a user, and how to log back into the system.
Secure Policies for BANNER Training Classes
Policy for identity verification when receiving BANNER module, FERPA, and navigation training.
Other Useful Links
|