Division of Information Technology
California State University – Long Beach
Information Technology Services
Privileged Administrative Access to Technology -­‐ User Account Agreement
Background
Privileged administrative access to Information Technology Services (ITS) systems and infrastructure affords University
employees the ability to perform actions that may affect mission-­‐critical, campus-­‐wide computing systems, account
access, files, data, or user processes. Privileged administrative access requires approval from ITS Management and
requestor’s Management as well as requestor acknowledgement of roles and responsibilities therein.
Appropriate and ethical use of University electronic systems and data are outlined in the Acceptable Use of CSULB
Electronic Communication Systems and Services,
http://daf.csulb.edu/offices/vp/information_security/policies/elec_comm_sys.html. Additional Roles &
Responsibilities for Privileged Account holders are detailed below.
Roles & Responsibilities
•
•
•
•
I acknowledge that this account will be for my use only, and I assume full responsibility to ensure privileged access
account credentials are protected.
I will comply with campus Acceptable Use Policies, and understand privileged access gives me the ability to affect
campus-­‐wide computing systems, account access, data, and/or user processes. It is my responsibility to ensure the
integrity and security of such systems and data.
I will use the account only as required in the performance of my duties and only in the completion of the tasks
indicated below.
I understand my privileged access can be monitored and tracked to ensure activities performed are within the duties
of my position.
ITS Privileged Access
□ BeachID Password Reset
□ Active Directory (AD) & FIM
Portal
□ BeachNet Guest Access
□ Email Distribution Access
FOR ITS INTERNAL USE ONLY
□ Application Admin Access
Definition
Provides the ability to reset BeachID passwords and related
attributes
Provides the ability to manage delegated A D Organization Unit
(OU) structure and related accounts. Also provides view access
into FIM.
Provides Wifi guest account creation for University sponsored
guests.
Provides access to send University Approved email broadcasts
to user-defined email lists and mass-communication lists
including all-employees, all-faculty, all-students, and allauxiliary groups.
Administrative access to applications. List applications below or on
back of form, as needed:
Requestor: Name, Title & Department
(print)
Signature of Requestor
Date
Dean / Manager: Name, Title, Dept.
(print)
Signature of Dean / Manager
Date
Associate Vice President, ITS
(print)
Signature of Approver
Date