Local User Admin Access

The Georgia Cybersecurity Board and the University System of Georgia (USG) have mandated that all agencies and universities in the system remove local user administrative access to institutional-issued computers. Any exemptions to this recommendation will be made to the USG Cybersecurity Office after filing a request for local user administrative access with the Valdosta State University Information Security office. In addition to approval for the request, all individuals with approved administrative access must use multi-factor authentication to access services and workstations using administrative accounts.

Exceptions may be considered, but are not guaranteed, for individuals who present a business case for local administrative access. This request must be renewed on an annual basis during the exception request period. Failing to complete the request form will result in revocation of local administrative privileges.

Any request for local administrative access will be evaluated on an individual basis using these general guidelines for a business case meeting the exception:

  1. Approved institutional Review Board research projects (IRB number required.)
  2. Supervisor-approved business case relating to ongoing work duties 
  3. Staff members designated or approved by the CIO/CISO for information technology roles 
  4. Classified government research data that requires administrative rights to access

State-managed laptops that are used exclusively on the “Bring-Your-Own-Device” (BYOD) VSU wireless network in a zero-trust manner may be considered for local user administrative rights. “Zero-trust” means that all users of the device must login to all campus resources through multi-factor authentication before getting access to applications or data. To be considered, laptops must meet these expectations:  

  1. The laptop is running the university’s supported antivirus protection software. 
  2. The laptop is running the university’s supported device management software. 
  3. The laptop is not used to store HIPAA (health record) data, FERPA (student record) data, financial (GLBA) data, payment card information (PCI), personally identifiable information (PII), or any other sensitive classified data. 

State-managed laptops that are identified as not meeting the expectations will have local user administrative access removed so that the laptops can be brought into compliance with USG policy.

If your business case does not fit these guidelines, one of the following options might be appropriate for your request:

  1. If the administrative access does not meet the guidelines for approval for the academic network, use a personal device connected to the VSU wireless network. 
  2. For software packages that have regular updates, enter a service ticket at http://solutions.valdosta.edu or call the Solutions Center at 229-245-4357 to request that IT add the software package to the self-service software portal. Software in the self-service portal can be updated at a faculty or staff member’s convenience without requiring administrative access. 
  3. For all other software or hardware needs, please enter a service ticket at http://solutions.valdosta.edu or call the Solutions Center at 229-245-4357 for Information Technology support.