Charter for use of an administrator account

IGBMC users might be allowed to administer their own workstation or the workstation of some of their team members.

To administer a workstation a user must obtain a dedicated administrator account different from is normal user account.

With an administrator account for one or more workstations, the user agrees to meet all the criteria described below:

  • The tasks of the user require the installation or regular updating of one or more software not managed by the IT department;
  • The user perfectly masters his computer work environment as well as the tools he installs or updates with his administrator account;
  • The user is the primary user of the workstation(s) for which he is an administrator.
  • If he is not the primary user, he has the written permission of the primary user. A copy of this authorization must be given to the IT department when the administrator account is delivered.

The user agrees to respect the following rules:

  • He uses his administrator account only for the administration needs of the associated workstation(s), including the installation, update or removal of software;
  • He refrains from accessing or attempting to access resources of the information system for which he has not received explicit authorization;
  • He does not use his administrator account for common use of the associated workstation(s);
  • He does not connect to IGBMC local networks - regardless of the nature of these networks (wired or wireless) - materials other than those entrusted or authorized by the IGBMC IT department;
  • He indicates as soon as possible to the IT department any changes that would occur in the conditions of obtaining his administrator account.
  • He does not install, download, or use, on IGBMC hardware or personal hardware, software for which license fees have not been paid, or not from trusted sites, or prohibited by the IGBMC;
  • He undertakes not to deliberately interfere with the proper functioning of IT resources and networks, whether by abnormal manipulation of hardware or software.
  • The user is prohibited from transferring his administration rights to a third party or creating a local account on the workstation(s) associated with his administrator account.
  • The user is prohibited from accessing or attempting to access resources or data from the workstation(s) associated with his administrator account for which he has not received explicit authorization.
  • He does not introduce data carriers (USB key, CDROM, DVD, etc.) without taking the necessary precautions to ensure their safety;

The user is responsible for the use of information systems made with his administrator access rights.
As such, he ensures the protection of the means of authentication that have been assigned to him or that he has generated (badges, passwords, private keys, private keys related to certificates, etc.):

  • He never communicates them, including to his line manager or to the IGBMC's IT team;
  • He applies the rules of complexity and renewal according to the means of authentication used;
  • He puts in place all the means at his disposal to avoid disclosure of his means of authentication;
  • He modifies or requests the renewal of his means of authentication as soon as he suspects the disclosure.
  • He reports as soon as possible to the IT department any suspected compromise of his administrator account.

The user does not use the means of authentication or access rights of a third person. In the same way, he does not try to hide his own identity.

An administrator account is valid for a sliding period of 3 months beyond the last use of the administrator account on the associated workstation.

An administrator account is valid for the lifetime of the associated workstation(s) or until the close of the corresponding normal user account.

The IT department reserves the right to terminate an administrator account without notice if any of the following events occur:

  • The conditions for obtaining the initial administrator account are no longer met;
  • The rules for using the administrator account are not respected;
  • The user does not respect the IGBMC's computer charter;
  • One or more workstations administered by the user are victims of a viral infection through his administrator account.