Audience
Faculty and Staff that need access to shared department Watermark accounts used to respond to student communication.
Issue
Watermark cannot grant users access to a shared department mailbox for communicating with students who respond to college communications. Instead, users must utilize a shared account within Watermark to read and respond to these communications. Below are the steps for ensuring the security of these shared accounts.
Solutions
Shared Account Managers
- Managers are responsible for the shared accounts, including changing passwords as they expire and distributing the shared credentials to their users.
- Managers are responsible for the distribution of MFA hardware tokens that will be associated with the shared account.
- Managers are responsible for the collection of MFA hardware tokens from users who no longer need access to the shared account.
- Managers are to inform ITS/Cybersecurity if any hardware tokens have been lost or are unable to be retrieved from a terminated user.
- Managers are tasked with documenting and maintaining the list of users with access to the shared account, along with the corresponding hardware token assigned to each user. This documentation should be shared with the Cybersecurity team.
- Managers can request new hardware tokens from the ITS Service Desk and have Cybersecurity assign the token to the shared account.
Shared Account Users
- Users will not share the credentials for the shared Watermark account with anybody, including co-workers who should have access.
- If a co-worker has forgotten the shared credentials or if their MFA token is no longer functioning, the person must contact the account manager for assistance.
- Users are required to use MFA hardware tokens to access the shared account and keep them separate from any MFA device used to access their personal accounts for Central Piedmont.
- Users are required to use their own assigned MFA token to access the shared account.
- Users are required to report any lost MFA hardware tokens to their manager who will report it to ITS.