Last Revision: March 31, 2022
Stamford Campus Technology Services
STAMFORD CAMPUS DATA ADMINISTRATOR, DATA STEWARD AND DATA USER ROLES AND RESPONSIBILITIES
The following pertains to University departmental shares, access to computers or other resources managed by the Stamford Campus Technology Services department. This does not replace the data roles and responsibilities outlined in the University of Connecticut Information Security Policy Manual. The policy has been updated to comply with the updated UConn wide Data Roles and Responsibilities policy as well as current best practices.
Data Administrator
The Data Administrator is responsible for managing permissions for University IT resources such as departmental shares and shared printers. The Data Administrator grants and revokes access to these resources based on requests from Data Stewards. The Data Administrator of the Stamford Campus is responsible for resources in the Stamford Campus ITS Organizational Unit and cannot manage permissions for other University IT resources.
Data Steward
Data Stewards are employees of the university responsible for the overall use and proper handling of administrative, academic, public engagement, or research data. Data Stewards must classify data according to the University’s Data Classification Policy. Data Stewards ensure that appropriate steps are taken to protect data and implement policies and agreements that define appropriate use of data.
The Data Steward or their designated representatives are responsible for:
• Ensuring the information they are responsible for is accurate
• Authorizing the specific use of information across the organization
• Working with other Data Stewards to resolve conflicting data issues
• Specify appropriate controls, based on data classification, to protect the data from unauthorized modification, deletion, or disclosure
• Ensuring access rights are evaluated on a regular basis
Data User
Data Users are individuals who receive authorization from the Data Steward/Administrator to access, enter, or update information. Data Users must use the resource only for the purpose specified by the Data Steward, complying with controls established by the Steward, and preventing disclosure or confidential or protected information.
Absent Data Steward
If the Data Steward is absent or otherwise not available, as a Staff member, the supervisor of the Data Steward may be contacted. The Campus Director and Campus Associate Director can fill in for Staff requests should a Data Steward be absent. Determining who the proper supervisor is will be done by the org chart found in the global address book. If this takes us to someone off campus, the Campus Director or Campus Associate Director may be used instead. For faculty, there are no provisions for a backup data steward. Requests for resources will not be processed unless it comes from the Faculty member.
Requests All requests for Data access must be initiated by the appropriate Data Steward for the correct resource. The current proper way to request is through this web form: https://s.uconn.edu/stamdata
All requests for resources must be submitted by the appropriate data steward for the resource
• All requests for resources must be submitted properly through the web form
• The web from will be locked to Data Stewards only but verification will be done to ensure that the appropriate Data Steward is the one making the request.
Delegating and Escalations
Should a Data Steward no longer wish to control a resource, they may delegate this to a subordinate. However in doing so, that subordinate becomes the primary contact for the resource. All resources will have one primary contact. Such a request MUST be initiated in an authentic ticket with no exceptions as back end changes will need to be made to verify a new Data Steward. Additionally, new Data Stewards will need access to the web form to request permission changes.
Administration
All shared resources will have an appropriate Active Directory description. The AD Description will contain the Data Steward for the resource for EFS folders and the Data Steward and shared resource name for shared mailboxes and calendars. This description will be checked before making a resource change. This method is subject to change should it interfere with future ITS policies on Active Directory naming/description conventions.