Model Privileged Access Agreement

(To be adapted for specific use)

INTRODUCTION

Privileged access enables an individual to take actions that may affect computing systems, network communication, or the accounts, files, data, or processes of other users. Privileged access is typically granted to system administrators, network administrators, staff performing computing account administration or other such employees whose job duties require special privileges over a computing system or network.

Individuals with privileged access must respect the rights of the system users, respect the integrity of the systems and related physical resources, and comply with any relevant laws or regulations. Individuals also have an obligation to keep themselves informed regarding any procedures, business practices, and operational guidelines pertaining to the activities of their local department.

In particular, the principles of academic freedom, freedom of speech, and privacy of information hold important implications for computer system administration at UCB. Individuals with privileged access must comply with applicable policies, laws, regulations, precedents, and procedures while pursuing appropriate actions required to provide high-quality, timely, reliable, computing services. For example, individuals must comply with provisions of the University of California (UC) Electronic Communications Policy (ECP) mandating the least perusal of contents and the least action necessary to resolve a situation.

GENERAL PROVISIONS

1. Privileged access is granted only to authorized individuals. Privileged access shall be granted to individuals only after they have read and signed this Agreement.
2. Privileged access may be used only to perform assigned job duties.
3. If methods other than using privileged access will accomplish an action, those other methods must be used unless the burden of time or other resources required clearly justifies using privileged access.
4. Privileged access may be used to perform standard system-related duties only on machines and networks whose responsibility is part of assigned job duties. Examples include:
   • installing system software;
   • relocating individuals' files from critically overloaded locations;
   • performing repairs required to return a system to normal function, such as fixing files or file processes, or killing runaway processes;
5. running security checking programs;
6. monitoring the system to ensure reliability and security.
7. Privileged access may be used to grant, change, or deny resources, access, or privilege to another individual only for authorized account management activities or under exceptional circumstances. Such actions must follow any existing organizational guidelines and procedures. Examples include:
   • disabling an account apparently responsible for serious misuse such as: attempting to compromise root (UNIX) or the administrator account (Windows), using a host to send harassing or threatening email, using software to mount attacks on other hosts, or engaging in activities designed to disrupt the functioning of the host itself;
   • disconnecting a host or subnet from the network when a security compromise is suspected;
   • accessing files for law enforcement authorities with a valid subpoena.

In the absence of compelling circumstances (see ECP Appendix A Definitions), the investigation of information in, or suspension of, an account suspected to be compromised should be delayed until normal business hours to allow appropriate authorization and/or notification activities.

• In all cases, access to other individuals' electronic information shall be limited to the least perusal of contents and the least action necessary to resolve a situation.
• Individuals with privileged access shall take necessary precautions to protect the confidentiality of information encountered in the performance of their duties.
• If, during the performance of their duties, individuals with privileged access inadvertently see information indicating serious misuse, they are advised to consult with their supervisor. For cases involving "improper governmental activity", see the "Policy on Reporting and Investigating Allegations of Suspected Improper Governmental Activities" and the Berkeley Campus directive " How to Blow the Whistle on Suspected Improper Activities". If the situation is an emergency, intervening action may be appropriate.

The ECP governs all activities using UC electronic communication resources. ECP provisions must be followed when electronic communication records are involved in any situation (see ECP Appendix A Definitions).

Authorization
Under most circumstances, the consent of the holder of an electronic communications record (see ECP Appendix A Definitions) must be obtained before accessing their files or interfering with their processes. If consent cannot be obtained, then ECP conditions for "Access Without Consent" must be met. (See ECP section IV.B and also "Approval for Accessing Berkeley Campus Electronic Communications ".)

Notification
In either case, the employee or other authority shall, at the earliest opportunity consistent with law and University policy, attempt to notify the affected individual(s) of the action(s) taken and the reasons for those action(s).

RECOURSE

If conflicts or disputes arise regarding activities related to this Agreement, individuals may pursue their rights to resolve the situation through existing procedures. Such procedures would include informal supervisory or departmental conflict resolution procedures, relevant provisions of employment policies or contracts, student or faculty conduct procedures, or other such documents that pertain to the particular individual's affiliation with the University.

AGREEMENT

• I have read this Privileged Access Agreement, the University of California Electronic Communications Policy, and the UC Berkeley Computer Use Policy.
• I agree to comply with the provisions of this Privileged Access Agreement, the University of California Electronic Communications Policy, and the UC Berkeley Computer Use Policy.
• [ Departments using this Agreement may wish to add their individual departmental guidelines or procedures to this list. ]