In response to the growing security concerns across the world, the Be Safe programme is running a number of projects to improve cyber security across the University. As part of one of these, the Identity and Access Management (IDAM) project, we are disabling all redundant accounts in University IT systems and ensuring retention periods are adhered to.
For Staff, including those marked as contractors, access will be removed the day after their contract ends according to the date set in SAP. All staff and contractors must have a record in SAP.
The IDAM Security team will attempt to contact any visitor or contractor with an active account who is not currently in SAP to find out their end date. This will be updated in SAP. Any inactive visitor/ contractor accounts (not logged in for over 3 months) that do not have an end date in SAP will be disabled immediately.
Students will have full access to their account for 60 days after their completion date. After this:
A similar process will be followed for Research Post Graduates, but 'Recent Alumni' status will be assigned after 90 days after the date you appear on the pass list and 'Alumni' status after 180 days. For Research Post Graduates, a check will be made before 'Recent Alumni' status is set, and if the account is still in use the student will be contacted and arrangements made to extend their access or transition them to a staff account if they still need access to IT systems.
All accounts (staff/ student/ project) that have not been used for 13 months or have been created over 6 months ago and never used will also be disabled.
This will remove all redundant accounts in our IT systems. All remaining accounts should be protected by Duo two-factor authentication. If they do not have Duo protection, we will investigate.
We are working to ensure that all our data is up to date and no current staff or student accounts are disabled. However, if your account is disabled please contact IT (+44) 01133433333.