Each organisation that subscribes to any Eduserv Identity and Access Management service (including Athens and OpenAthens) must appoint an administrator.
The administrator, on behalf of the organisation, is responsible for ensuring that:-
- user accounts are only created for people entitled to use resources or facilities belonging to your organisation or to which they subscribe. Personal accounts must not be created for shared use.
- user accounts are only to be used in connection with the normal activities of your organisation.
- reasonable steps are taken to ensure that user accounts are only used to access or use resources or facilities to which your organisation subscribes and for no other purpose.
- usernames, passwords and personal information are kept confidential and all relevant data protection and privacy legislation is properly observed at all times.
- Eduserv’s Terms of Service are brought to each user’s attention before their first use of the Eduserv service. The administrator will take reasonable steps to ensure that users are familiar with and comply with the requirements of Eduserv’s Terms of Service.
- all information concerning users and administrators required by Eduserv to provide the service is accurate, complete and kept up to date.
- industry best practice and guidelines issued by Eduserv concerning usernames, passwords and security are complied with.
- no person shall attempt to violate or circumvent any security measures put in place by Eduserv or any service provider, or any supplier of resources or facilities to which your organisation subscribes. Administrators shall report any infringements to Eduserv as soon as they become aware of them.
- administrators should periodically check for compliance with all of the foregoing requirements and will co-operate with reasonable requests from Eduserv or suppliers to verify compliance or to investigate where any breach is suspected.
- user access is promptly removed when their entitlement to the resource or facility expires, for example when they leave your organisation.
- user access is promptly removed upon the reasonable request of Eduserv or the supplier of the resource or facility.
- any change to these Eduserv Administrator Responsibilities or Terms of Service will be implemented and complied with as soon as the administrator is made aware of the same. The administrator is responsible for ensuring user compliance with relevant changes.
Last reviewed March 2010