1.0 Purpose
The purpose of this policy is to define the acceptable use of personal storage space on the Business College’s file server. Specifically, the login account’s M: drive. Acceptable use must be defined and enforced to ensure the integrity of Business College resources, and the security of personal information.
2.0 Scope
This policy applies to all users of login accounts, in all departments within the Business College.
3.0 Policy
M: drives will only be used to store data for the login account directly associated with that drive. Requests to give other users’ access to their “M” drives will be denied, and previously granted access can be revoked at any time by NRC staff during routine security audits.
3.1 3.1. Ownership and Responsibilities
It is the responsibility of the NRC to maintain this policy as service providers to account holders at the Business College.
3.2 General Configuration Guidelines
Permissions to M: drives will be delegated as follows:
If any folder, subfolder, or file does not have at least the security configuration listed above, NRC staff will add required permissions. If necessary, all folder, subfolder, and file permissions may be reset to the default configuration, which is that listed above.
3.3 Monitoring
NRC staff are obligated to review security configuration of network resources, including but not limited to, granted access to personal folders and subfolders.
3.4 Compliance
Any configuration found to be in conflict with this policy will be replaced or reset, as per section 3.3 of this policy. The account holder may or may not be notified, depending on the situation. If data loss may result from the compliance change, the account holder will be notified, provided that notification can be completed without affecting the safety or security of other account holders.
4.0 Definitions
Term | Definition |
M: Drive | File storage allocated for individual account holders on the Business College’s file server. |
Login account | User name associated with an individual at the Business College. Login accounts are typically granted to all Faculty, Staff, and PhD students. |
Domain Administrators | Members of a highly restricted security group that are tasked with being technically and directly responsible for certain IT assets at the Business College. |
NRC Staff | Members include student and FTE employees of the NRC. |
Full Control | Ability to grant permissions to other account holders to the given folder, subfolder, or file. Typically reserved for Domain Administrators. |