The Department of SAS IT has implemented a new administrative desktop rights process. This process pertains to the permissions and privileges granted to users on their desktop computers within the department's administrative framework. The implementation of this new administrative desktop rights process by the Department of SAS aims to enhance security, streamline access management, and ensure compliance with relevant regulations and standards.
In order to process your request for administrative access please open a ticket via ServiceNow or email .
Administrative access to workstations is provided to SAS IT support staff as part of the standard process for building and provisioning workstations. Additional administrators are typically not necessary in the managed computing environment within SAS; however, SAS IT recognizes that situations exist within our scope of support that might necessitate primary users of a machine receiving administrative access to local workstations (herein referred to as “local workstation administrators.”) Granting additional
administrative access to non-IT employees adds significant risk to the security of a system, its data, and all the connected systems within the Rutgers environment. Administrative access is a privilege that should not be exercised without considering these risks. If one is unsure of the ramifications of administrative actions, SAS IT should be contacted before changes are made. The below outlines additional responsibilities assumed by local administrators as governed by the SAS Standard Business Practice: Workstation Management & Administrative RightsSAS Standard Business Practice: Workstation Management & Administrative Rights
User Requirements:
• Local workstation administrators are required to complete security training, expected to take no more than 90 minutes per year, that must be renewed on a schedule that will be determined by the SAS Executive Dean’s Office.
• Local workstation administrators are prohibited from modifying the rights on any user account on the system or creating new accounts on the system that have elevated access without the explicit written consent of SAS IT support staff.
• Local workstation administrators are prohibited from taking any action that limits, modifies, removes, or otherwise impacts the ability of SAS IT to access, monitor, or manage the system.
• Local workstation administrators are prohibited from downloading, installing and/or executing software that is illegal or not licensed for its intended use on the specific university-owned system.
• Local workstation administrators are prohibited from installing software not compatible with
the workstation's operating system or that may interfere with the functionality of other
software.
• Local workstation administrators must allow and ensure that systems and installed software have all necessary security patches and updates installed in a timely fashion. If, for some reason, a security patch cannot be installed, workstation administrators must notify SAS IT
support staff.
• Local workstation administrators should notify SAS IT in writing if they will be working with particularly sensitive data so that the existing security safeguards can be reviewed and adjusted if necessary. This data is broadly given the ‘Critical’ and ‘Restricted’ designation in the Information Classification Policy.