University of Vermont

Information Technology

When Employees Leave UVM: Standard Practices for Network IDs, Email Accounts, and Other Online Access

Department directors may want to consider protecting University data, documents, and other information assets in the following ways when a faculty, staff, or temporary employee leaves the University.  ETS Identity and Account Management can help direct department heads to the right people for these changes.  

Use of email, web publishing, and access to files:  Employees usually are granted use of their Network-IDs for one year after their termination dates.  Retirees and emeriti generally keep their Network-IDs for life.  One's Network-ID gives access to email, file storage (individual and departmental), Oracle Calendar, web publishing, myUVM, Footprints, software downloads, and other resources.  The Computer, Communication, and Network Technology Acceptable Use policy gives department heads, if they do not want the University to extend the courtesy of account access for the usual year-plus period, authority to terminate accounts at any time after an employee leaves (see item 3(f)).   The same policy allows department heads to request access to terminated employee's files, email, and computers, and gives department heads responsibility for copying needed work-related files before the employee's account is removed from the system.  Requests should be sent to the Vice President for Executive Operations & Chief of Staff.  Department heads may wish to consult with the Information Security Officer before making a request.  Schools and colleges may grant post-termination use of locally provided email, web publishing, file storage, and other services on different terms; check with the respective dean's office concerning current policies and procedures. 

Access to information systems:  Termination automatically triggers removal of access to PeopleSoft and Banner SIS, while Blackboard access is controlled by enrollment status, so no explicit action is required for these systems.  Access to Campus File Services (home and shared drives) remains in place for 21 days after termination, unless a department head requests earlier termination.  However, department heads should request that accounts on systems for which access is not based on Network-ID, or from which removal is not automatically triggered by termination, be disabled or removed by contacting the responsible system administrator.  Systems include Resource 25, Web Xtender, Listserv, Kronos, Famis, SharePoint, and applications managed within a college, shool, or department.  (Famis access removal will be automated in the future.)  

Passwords to any shared accounts or computers:  Whenever someone leaves a job, passwords to shared resources, including passwords known by others, should be changed.  This includes departmental email and web publishing accounts, shared usernames and passwords for computer login.  Employees with information technology responsibilities may know passwords for servers, information systems, and networks; those passwords must be changed.  Doing so also protects the former employee from any accusation of responsibility for improper system use.  

Access based on group membership:   Because employees generally keep their Net-IDs for one year after termination, care must be taken to remove access rights and other privileges that are driven by membership in security groups.  Groups are most commonly used for access to files on and Active Directory (Campus File Services).  Department heads should request that system administrators remove terminating employees from any group that isn't automatically tied to employees' roles or employment status. 

External systems:  Sometimes people have authority (usernames and passwords) for external systems, such as University financial accounts.  Departments should work with external system managers to change those usernames and passwords.  

Voicemail: Departments may wish to assign other employees to check former employees' voicemail, or to change greetings or referral extensions.  Telecommunications & Network Services can change voicemail passwords or remove voicemail service.  

Workstations:  Departments should change passwords to desktop and laptop computers, and copy to secure network storage any needed documents stored on terminating employee's computers (see "Use of email, web publishing, and access to files" above for the request and authorization process).   Department heads should take possession of computers assigned to terminating employees.  If a termination agreement allows the employee to keep a computer, its hard drive must be securely cleansed of all software and files; the computer's original operating system may be reinstalled. 

Email autoresponses:  Short of terminating employees' Network-IDs, departments may want to ask former employees to put up an automated response for their email accounts, directing people to resend UVM business to another employee or to a departmental email address.  The autoresponse can be done with or without forwarding email elsewhere; coordination with the former employee is key.  This is done on the Account Management web pages.  

Last modified July 28 2015 02:08 PM

Accessibility | Privacy/Terms of Use | Contact UVM © 2020 The University of Vermont - Burlington, VT 05405 - (802) 656-3131