Accessing the DPS Network/E-mail/Enterprise Applications
The following guidelines reference employee access to all district-owned enterprise networks, systems and applications.
Access
Access is a privilege granted on the security principle of least privilege, that is, only the privileges needed to perform assigned tasks are granted. Access to the networks, systems and data supported by DPS is granted for the benefit of specific DPS departments and schools in performing their assigned work and management duties. They should be made available to individuals who need them to do work for DPS as long as that access can be provided in a manner that does not jeopardize DPS legal requirements (i.e., confidentiality and privacy) and the security of DPS systems and data.
Access should be granted on an individual user basis for accountability, and an appropriate level of management should approve any exceptions. Generally, the individual granted access would be a DPS employee. However, students and 3rd parties (i.e., vendors, contractors, etc.) may also be granted access. These students and 3rd parties must be sponsored by DPS and specifically approved by an appropriate DPS department head or principal who will generally be the ‘owner’ of the system or data.
Some DPS enterprise applications require certification training prior to receiving logon access. It is the responsibility of the department head and/or principal to assure training is scheduled in a timely fashion. Refer to the Training and System User Documentation section for specific training information.
Extreme care must be given when approving high-level access privileges for positions not originally intended to have such access. Department heads and principals continue to be responsible for the consequences of delegating such authority and approving such access.
Shared Logons
Shared logons (e.g., for a group using the same user ID and password to logon where there is no individual accountability) must not be used. If exceptions are deemed necessary, they must be approved by appropriate management on a case-by-case basis and must conform to security and confidentiality requirements. Shared logons will not be approved for enterprise systems.
Compliance
Proper management of access control is crucial to ensure confidential information and data integrity is protected and data is available for employees to perform their assigned tasks. Periodic management reviews should be performed of access privileges and access granted to ensure consistency with these procedures.
To Request Security Access
All requests for security access must be made in writing or E-mail to the DoTS Hotline (E-mail – DoTS_Hotline@dpsk12.org) by the principal/department head or their designee. The principal/department head must follow the same procedure in order to make a staff member a designee for the school/department.