Data Security and Stewardship Committee
Cordelia Camp 101A
Wednesday, April 13, 2011
Present Shea Browning, Pam Buchanan, Steve Christison, Craig Fowler,
Lisa Gaetano, Larry Hammer, Debbie Justice, Scott Koger,
Anna McFadden, Zeta Smith, and Mike Stewart
Absent Scott Swartzentruber and Kay Turpin
Guests Barry Bidwell, Brandy Henning and Anna McFadden
Recorder Jenny Owen
Handouts
 3-9-11 DSSC Minutes
Approval of Minutes
 The minutes from the March 9, 2011, Data Security and
Stewardship Committee (DSSC) meeting were approved with one
change: oversight of certificates of destruction from disk
degaussing will be changed from the Internal Auditor’s Office to
the CIO Office.
Baseline Access
 Shandon Bates gave an overview of baseline system access that
people receive:
o Human Resources assigns a 92 number.
o After a 92 number is created, HR submits a ticket into
SharePoint to have an Active Directory (AD) account
created.
o With AD credentials, individuals can log onto the network
to access items such as wireless, basic VPN and email.
Depending on what information is provided, a group
Mercury account can also be created. Upon request, a
personal Mercury share folder and PAWS account can be
created.
o If an individual is set up as an employee in Banner, that
individual can get access to Self-Service Banner (SSB).
o INB (provides access to Finance, Requisitions, etc.) is not
granted automatically—supervisors must request access
for their employees.
o Consultants go through the same process to acquire a
92 number; however, they don’t get access to Banner-they are only granted a domain account.
Action Items
 Craig Fowler asked Bates to create a flow chart or process chart
that outlines the steps to obtaining system access and the types of
access that are (or are not) granted. The chart will be organized
by faculty, students, staff, guests, etc. Debbie Justice suggested
the chart tie to the table at the end of Policy 95.
 Bates requested that Jeff Tatham be invited to co-present with
Bates.
Update - Policy 93
Electronic Mail
 Koger commented that an older version of Policy 93 (with
references to forwarding email) was still posted on the
Chancellor’s web page.
 DSSC members had a lengthy discussion about the issue of what
email to archive and how and where to store archived emails.
 Suggestions:
o At the end of Policy 93, add a reference to “ask your
supervisor” or refer to Policy 108.
o Add information on how to create and store pst files.
o Add a disclaimer to “follow your department’s specific
archive guidelines.”
o Identify best practices to share with the Help Desk.
o Give pointers about where to find procedural things.
o Direct people to Policy 108 for information about what
should be retained.
o Hammer suggested adding a statement to Policy 93 that
says other email systems will not be used for university
business.
Agenda Items for next
meeting
 The discussion on Policy 93 will be carried over to the next
DSSC meeting on May 11.
 Discussion of data handling procedures will be carried over to the
May DSSC meeting.
 Lisa Gaetano will ask Mary Ann Lochner about the status of
presenting the data gathering letter to Executive Council for their
approval to go forward with sending it out.
 Hammer asked for a review of how 92 numbers are provided to
people (so they can claim their accounts).
 Fowler asked if Active Directory rules can be forced for MyCat.