Last Revision: March 31April 28, 2022
Stamford Campus Technology Services
...
STAMFORD CAMPUS DATA ADMINISTRATOR, DATA STEWARD AND DATA USER ROLES AND RESPONSIBILITIES
The following pertains to University departmental shares, SharePoint sites and access to computers or other resources managed by the Stamford Campus Technology Services department. This does not replace the data roles and responsibilities outlined in the University of Connecticut Information Security Policy Manual. The policy has been was updated to comply with the updated UConn wide Data Roles and Responsibilities policy as well as and current best practices.
Data Administrator
The Data Administrator is responsible for managing permissions for University IT resources such as departmental shares and shared printers. The Data Administrator grants and revokes access to these resources based on requests from Data Stewards. The Data Administrator of the Stamford Campus is responsible for resources in the Stamford Campus ITS Organizational Unit and cannot manage permissions for other University IT resources. The Data Administrator will also be a Site Owner on Staff SharePoint sites they support.
Data Steward
Data Stewards are employees of the university responsible for the overall use and proper handling of administrative, academic, public engagement, or research data. Data Stewards must classify data according to the University’s Data Classification Policy. Data Stewards ensure that appropriate steps are taken to protect data and implement policies and agreements that define appropriate use of data. For SharePoint, Data Stewards are also Site Owners in SharePoint. They are able to grant permissions on their own.
The Data Steward or their designated representatives are responsible for:
• Ensuring the information they are responsible for is accurate
• Authorizing the specific use of information across the organization
• Working with other Data Stewards to resolve conflicting data issues
• Specify appropriate controls, based on data classification, to protect the data from unauthorized modification, deletion, or disclosure
• Ensuring access rights are evaluated on a regular basis
Data User
Data Users are individuals who receive authorization from the Data Steward/Administrator to access, enter, or update information. Data Users must use the resource only for the purpose specified by the Data Steward, complying with controls established by the Steward, and preventing disclosure or confidential or protected information.
Absent Data Steward
If the Data Steward is absent or otherwise not available, as a Staff member, the supervisor of the Data Steward may be contacted. The If a Data Steward has not named an alternate, the Campus Director and Campus Associate Director can fill in for Staff requests should a Data Steward be absent. Determining who the proper supervisor is will be done by the org chart found in the global address book. If this takes us to someone off campus, the Campus Director or Campus Associate Director may be used instead. For faculty, there are no provisions for a backup data steward. Requests for resources will not be processed unless it comes they come from the Faculty faculty member.
Requests for Data (Non-SharePoint)
All requests for Data access must be initiated approved by the appropriate a Data Steward for the correct resource. The current proper way to request is through this web form: submit a ticket: https://sstamford.uconn.edu/stamdata
All requests for resources must be submitted by the appropriate data steward for the resource
• All requests for resources must be submitted properly through the web form
• The web from will be locked to Data Stewards only but verification will be done to ensure that the appropriate Data Steward is the one making the request.
Delegating and Escalationsits. This can be done by either a Data User or Data Steward. If the Data Steward is not the requestor, the request will be put on hold until we get approval through the ticketing system from the Data Steward.
Should a Data Steward no longer wish to control a resource, they may delegate this to a subordinate. However, in doing so , that subordinate becomes the primary contact for the resource. All resources will have one primary contact. Such a request MUST be initiated in an authentic ticket with no exceptions as back-end changes will need to be made to verify a new Data Steward. Additionally, new Data Stewards will need access to the web form to request permission changes by submitting a ticket.
Request for Data (SharePoint)
The above procedure can be followed for SharePoint but due to Data Stewards being Site Owners of their own SharePoint site, they can approve permissions on their own through Office365. Additionally, Data Stewards can delegate other Site Owners to approve SharePoint requests on their behalf.
Administration
All shared resources will have an appropriate Active Directory description. The AD Description will contain the Data Steward for the resource for EFS folders and the Data Steward and shared resource name for shared mailboxes and calendars. This description will be checked before making a resource change. This method is subject to change should it interfere with future ITS policies on Active Directory naming/description conventions.