Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

STAMFORD CAMPUS DATA ADMINISTRATOR, DATA STEWARD AND DATA USER ROLES AND RESPONSIBILITIES

The following pertains to University departmental shares, shared printers, access to computers or other resources managed by the Stamford Campus Technology Services department. This does not replace the data roles and responsibilities outlined in the University of Connecticut Information Security Policy Manual.

Data Administrator

Jeff Shapiro, Stamford Campus Technology Services Systems Administrator, is Data Administrator at the Stamford Campus. The Data Administrator is responsible for managing permissions for University IT resources such as departmental shares and shared printers. The Data Administrator grants and revokes access to these resources based on requests from Data Stewards. All requests must be submitted by the Data Steward using the ticketing system. and include the name of the resource and the NETID, if available, of the person to whom access will be granted.  Matt Proulx, the Technology Manager, serves as Alternate Data Administrator in the event that the Primary Data Administrator is unavailable.

The Data Administrator is responsible for resources in the Stamford Campus Organizational Unit and cannot manage permissions for other University IT resources. If you are unsure whether a resource is in the Stamford OU, the Data Administrator can provide that information; if an individual requires access to a resource that is not in the Stamford OU, the Data Administrator will assist in contacting the Data Administrator who is responsible for that resource.

The Data Administrator will identify and explain any permissions available for a resource at the request of the Data Steward.

Data Steward

Each Department Head will act as the Data Steward for his or her department. Data Stewards are responsible for determining which individuals in their department will be granted access to departmental shares and shared printers; if necessary, access to computers can be restricted to specified individuals. The level of access of these resources for each user must be specified by the Data Steward.

Data Stewards are responsible for requesting that access to IT Resources be granted when needed and promptly requesting that access be revoked when no longer needed. Data Stewards are responsible for ensuring that these requests comply with the University of Connecticut IT Policies including those outlined in the Information Security Policy Manual.

Data Stewards are responsible for providing Data Users under their supervision with a copy of the Information Security Policy Manual and ensuring that those individuals are aware of and meet compliance standards. Data Stewards are responsible for informing the Data Administrator of the location and nature of any confidential information that is being stored.

Each Data Steward may designate one individual to assume the role of Alternate Data Steward. If the Data Steward is absent or cannot be contacted, the Alternate Data Steward shall be responsible for requesting that access to resources be granted or revoked (see Alternate and Delegate Data Steward).

Each Data Steward may delegate data stewardship over particular resources to a Delegate Data Steward. Delegate Data Stewards must fulfill the responsibilities of a Data Steward, and may make requests for access directly to the Data Administrator as outlined below (see Alternate and Delegate Data Steward).  The Data Steward is responsible for informing the Data Administrator that an Alternate or Delegate Data Steward has been assigned.  It is also the Data Stewards responsibility to inform the Data Administrator that someone has been relieved of such duties.

Alternate and Delegate Data Steward*

Alternate and Delegate Data Stewards need to submit their requests by email to the Data Administrator.  The primary Data Steward for the department must be cc’d on all requests. The Data Administrator will process all changes emailed to them only if this procedure is followed. Properly requested changes made by a Delegate or Alternate Data Steward may be revoked by the primary Data Steward at any time.

Data User

Data Users are individuals who are granted access to IT resources. Data users who need access to an IT resource must submit a request to their Data Steward, who will request that the Data Administrator grant the Data User access. Requests made by a Data User directly to the Data Administrator will be denied. Data Users are responsible for being familiar with the Information Security Policy Manual. Data Users are responsible for understanding Data Classification Levels and how to appropriately store and work with each type of data.  If they have any questions, the Data Administrator is available for consultation on data types via a scheduled appointment.

Violations

Violations of information security policy must be immediately reported to the Information Security Office as specified in the Information Security Policy Manual.  If you suspect a violation please contact the Information Security Office directly at (860) 486-8255. Individuals who report violations are explicitly protected from retaliation by the University’s Non-Retaliation Policy.


*For Professional Staff only. Faculty will have a SINGLE Data Steward for any individual resource; no delegation will be done.