In response to the growing security concerns across the world, the Be Safe programme is running a number of projects to improve cyber security across the University. As part of one of these, the Identity and Access Management (IDAM) project, we are disabling all redundant accounts in University IT systems and ensuring retention periods are adhered to.
For Staff, including those marked as contractors, access will be removed the day after their contract ends. This date will be taken from SAP or LURCIS (the University’s identity management system).
We will contact any visitor or contractor with an active account (within the last two months) who is not currently in SAP to find out their end date. This will be updated in LURCIS. All inactive visitor/ contractors without an end date will be disabled.
Students will have full access to their account for 60 days after their completion date. After this:
A similar process will be followed for Research Post Graduates, but 'Recent Alumni' status will be assigned after 90 days after the date you appear on the pass list and 'Alumni' status after 180 days. For Research Post Graduates, a check will be made before 'Recent Alumni' status is set, and if the account is still in use the student will be contacted and arrangements made to extend their access or transition them to a staff account if they still need access to IT systems.
All accounts (staff/ student/ project) that have not been used for 13 months or have been created over 6 months ago and never used will also be disabled.
This will remove all redundant accounts in our IT systems. All remaining accounts should be protected by Duo two-factor authentication. If they do not have Duo protection, we will investigate.
We are working to ensure that all our data is up to date and no current staff or student accounts are disabled. However, if your account is disabled please contact the IT Service Desk (using the 'Something broken' link on the homepage) who will be able to re-enable it.