Skip to main content

Corporate Accounts Procedure

Version 1.0

Purpose

The purpose of this procedure is to instruct members of the Fordham community on how to request and manage corporate email accounts.

Scope

This document and all policies referenced herein, shall apply to all members of the University community including faculty, students, administrative officials, staff, alumni, authorized guests, delegates, and independent contractors (the “User(s)” or “you”) who use, access, or otherwise employ, locally or remotely, the University’s IT Resources, whether individually controlled, shared, stand-alone, or networked.

Procedure Statement

  1. Request to create a corporate account email by contacting the IT Service Desk or creating a ticket through EasyVista™. 
  2. Request only one corporate account per ticket. 
  3. The requestor must provide at least three possible account names (e.g., JohnDoe123, JohnDoe999, JohnDoe_456). 
  4. The requestor must provide at least one valid full phone number (i.e., 555-555-5555, +1 555-555-5555). 
  5. Transfers or deletion of corporate accounts should be requested via a ticket through EasyVista.  
  6. After creating an account, adding or removing phone numbers should be requested via a ticket through EasyVista.  
  7. Ownership of the corporate account should be audited annually.  
  8. Phone numbers associated with the corporate account should be audited annually. 

Note:  

  • The IT Service Desk creates corporate accounts in Banner, and Talend processes the account and publishes it to Active Directory (AD).  
  • Multi-Factor Authentication for corporate accounts is created manually by Information Security and Assurance.  
  • All service accounts are corporate accounts (s-admin).  

Types of corporate accounts 

  • Corporate accounts for single application/administrative use (e.g., MFA-admin is a superuser account to manage applications, including billing). 
  • Corporate accounts for sending emails on behalf of a department or group.  
    • The owner of the account needs to manage the delegation. 
    • Provision/de-provision/reprovision rules need to be applied when the ownership changes. 
  • Club accounts are for student use. The owners of these accounts need to share the password with club supervisors. 
    • Club supervisors' phone numbers must be added to Duo.  
    • Adding and removing the second factor (i.e., phone number) in Duo may happen frequently and must be audited.  
    • The owner may need to add multiple accessible phone numbers because they share many members' accounts.  
  • Delegate email accounts (e.g., Infosec) are used on behalf of one main account and forwarded to individual email accounts, but a separate log-in is unnecessary.  
    • The delegate account owner needs to change passwords, 
    • Keep track of who's in the group, and  
    • Use the de-provisioning procedures to re-assign the account owner.  

Definitions

IT Resources include computing, networking, communications, application, and telecommunications systems, infrastructure, hardware, software, data, databases, personnel, procedures, physical facilities, cloud-based vendors, Software as a Service (SaaS) vendors, and any related materials and services.

Related Policies and Procedures

Implementation Information

Review Frequency: Triennial 
Responsible Person: Senior Director, IT Security Operations and Assurance 
Approved By: CISO
Approval Date: March 8, 2022

Revision History

Version: Date: Description:
1.0 03/08/2022 Initial document