Administrator Access Agreement

All administrator requests must be accompanied by a written business purpose to justify admin access.

Administrative privileges on modern desktop operating systems grant users complete control over most functions and features of the operating system and applications. Unguarded computing habits can lead to malware infections that can cause detrimental effects, ranging from the widespread exposure of sensitive information stored on the device to the compromise of the entire university network's performance and security. UDit offers numerous other solutions for installing software, including a software installation library in Software Center and JAMF Self Service. UDit staff are also available to schedule software installs. Virtual Desktop Infrastructure (VDI) may also be available for specialized software installations.

Scope and Responsibilities

Integrity of User Files

Software Installation Requirements

General Guidelines and Loss of Privileges

Appropriate Use of the Administrator Account

Oversight and Enforcement

Scope and Responsibilities

Administrator privileges carry additional responsibility and are granted only for the approved software installation and business purposes described in the request.
You agree to install or update only software that has been reviewed and approved by Legal Affairs and UDit. This includes software obtained at no cost, including free, trial, open-source, or other software that requires acceptance of an end-user license agreement.

You further agree to exercise administrator privileges in good faith and in accordance with university policies and security requirements.

NOTE: Use of administrator privileges is centrally logged each time they are used. Administrator access will be periodically reviewed to ensure it remains appropriate and aligned with the approved business purpose. 

Integrity of User Files

Aside from software provided by the University, the user is responsible for any loss or corruption of files resulting from his or her use of privileges granted through administrative access.

Software Installation Requirements

  • All software installed on University-owned computers must be properly licensed and EULAs reviewed by Legal Affairs & UDit.
  • All users, including those with administrative privileges, must adhere to all federal and state laws and University regulations, paying particular attention to copyright.
  • Peer-to-peer applications, which expose the user’s machine to other computers on the Internet, allowing outsiders to access University networks, pose risks to the user’s computer and the network and will not be permitted.
  • IT will offer ‘best-effort’ technical support for any user-installed specialized software and cannot guarantee functional use.
  • IT shall maintain an administrative account/access on each machine. The user will not create any unauthorized administrator or user account on the machine.
  • The user will not delete any user accounts initiated by UDit.
  • The user will not make any password change that restricts UDit's ability to administer the machine.
  • The detection of malware activity or any other disruptive element affecting the network will result in the affected machine being disconnected from the network and the revocation of administrative privileges.
  • Hardware configurations cannot be modified in a way that voids the manufacturer’s warranty without prior consultation and approval by UDit.
  • The user will not permanently uninstall, disable, or modify any software or adversely alter system settings designed to protect the system that has been installed by UDit without prior permission.

General Guidelines and Loss of Privileges

  • UDit reserves the right to suspend administrative privileges if any condition is violated.
  • Users acknowledge that compromised operating systems might require reinstallation - potentially resulting in partial or total loss of files.
  • The user agrees to make a good faith effort not to disrupt any network services for other researchers, faculty, staff, and students.
  • IT will audit systems for compliance, licensing, troubleshooting purposes.

IMPORTANT:

  • Only use the administrative privileges for administrative purposes (downloading, installing, and upgrading software and hardware applications, and performing basic maintenance).
  • Never use administrative privileges for day-to-day computer tasks (browsing websites, using social media, checking email, working with documents, spreadsheets, and databases), as these are vectors for malware transmission. Contracting malware with administrative privileges grants administrative control over the computer resources to the malware.
  • Users are encouraged to perform daily tasks using standard user account privileges. Administrative privileges are reserved exclusively for tasks that require elevated privileges (software installation, updates, upgrades, troubleshooting, etc.).
  • The method for giving administrative privileges will be determined by UDit upon full approval of the request.
  • Faculty and staff who have been issued devices as part of their employment at the University have provisioned access as a “local user” of the device. This limited access protects UD’s network and data from the risks associated with malware or device compromise.
  • The need for direct administrator access on a UD-owned computer is generally rare and/or brief (e.g., installing non-standard software). In these cases, employees contact UDit for assistance. In rare cases, this periodic intervention by UDit may be insufficient. UD may grant an employee administrative privileges on their UD-owned computer, pending agreement to the conditions listed below.

Appropriate Use of the Administrator Account

  • Administrative privileges should be used for administrative purposes ONLY (e.g., downloading, installing, and upgrading software and hardware applications, and performing basic maintenance). Perform daily tasks with your local user account.
  • Do not create unauthorized administrator or user accounts or delete/modify any user accounts initiated by UDit.
  • Do not uninstall, disable, or modify software designed to protect the system (e.g., CrowdStrike, etc.) or adversely modify any system settings without prior permission from UDit.
  • Comply with UD’s Fair, Responsible and Acceptable Use of Electronic Resources policy.
  • Only install software on University-owned computers that has been properly licensed and whose EULAs have been reviewed by Legal Affairs & UDit.

Oversight and Enforcement

  • UDit shall audit systems for compliance purposes and reserves the right to suspend the administrative account if any condition is violated.
  • The detection of malware activity or any other disruptive element affecting the network will automatically result in the affected machine being disconnected from the network and the revocation of administrative privileges.
  • Repairing a compromised operating system may require reinstallation - potentially resulting in partial or total loss of files.
  • The employee is responsible for any loss or corruption of University data resulting from the use of privileges. Support for systems with local admin privileges will be best-effort, and UDit may only be able to wipe and reinstall the OS for service.
Was this helpful?
100% helpful - 2 reviews
Print Article

Related Services / Offerings (1)

Computer Administrator Rights Request
Request admin rights on your university owned device.