This document defines the University of Maryland Baltimore’s (UMB) guidelines regarding administrative privileges to UMB owned workstations. 

Scope:

The Administrative Rights Guidelines apply to all users who are granted Administrative privileges on UMB owned computers. This document is in compliance with the USM IT Security Standards.  It also follows industry best practices, such as those defined by TechNet.

Definitions:

• Administrator:  allows users complete and unrestricted access to the computer.

• General User:  provides standard access and prevents the user from making accidental or intentional system-wide changes and can run most applications.

Guidelines:

• By default, all UMB faculty and staff members are assigned General User privileges on their individual workstations.
• Administrative privileges will only be granted to faculty and staff members with a defined legitimate need who have an approved deviation request on file with campus Security & Compliance.  Deviation requests are reviewed and stored for audit purposes.  Click here for the deviation request form.
• A new account will be created for you that has administrative rights associated with it.  The following naming convention will be used for the admin account, username-admin
• This admin credential is only to be used when necessary to run or update specific software programs.
• UMB workstations are University property and are intended for University business.
• Individuals should only install software related to University business.
• Individuals should not install software that may damage files and expose UMB’s network to virus attacks and malicious coding.
• Individuals should refrain from installing software which may monopolize local processor power, resulting in noticeable system slowdown or degradation of performance.
• Individuals should not install applications that may establish network share protocols which result in an increase in bandwidth utilization as this may cause network congestion and degradation of network performance across wide areas of the campus.
• Individuals should not download or install applications that are illegal, not licensed or conflict with the University IT Acceptable Use Policy on University owned equipment.
• Individuals who download or install applications, other than those included in the standard configuration for all University computers, are responsible for retaining documentation of appropriate licenses.
• Non-UMB software will be removed as part of a normal repair process if necessary to restore system functionality.
• In the event of computer or network performance issues associated with a computer enabled with administrative privileges, CITS will only restore the computer to the standard configuration for all university computers.
• The occurrence of repeated instances of OS integrity problems may result in the removal of administrative level access in order to prevent continued challenges in supporting the computer.