• UNM
• »Information Technologies
• »NetID Accounts
• »Account Locking

Account Locking Policy

IT reserves the right to lock NetID and other UNM computer accounts, and to require violators undergo education and training on the proper use of their accounts. In addition, IT will provide violators with a copy of UNM’s Acceptable Computer Use policy in either electronic or hard copy form. Certain locking violation could also result in disciplinary action by the University or in criminal prosecution.

As the first level of intervention, and to protect the UNM’s computer systems and resources, as well as personal and administrative data, Information Technologies (IT) will lock NetID accounts for the following reasons:

• Attempts to Defeat IT Security
• BSA or Supervisor/Manager Request
• Compromised Password
• Compromised or Stolen Accounts
• Delinquent Pay-for-Use Accounts
• Department/Organization Account Violations
• Harassment
• Misuse/Abuse of System or Network Resources (Third Event)
• Multiple or Varied Off-Site Logins
• Post-Reinstatement Violations
• Violations of UNM's Acceptable Computer Use Policy in IT Computer Pods

Attempts to Defeat IT Security

IT will lock the account of any NetID account holder who is discovered to have defeated, or attempted to defeat, IT security, auditing or accounting. Potential violations include scanning systems for vulnerabilities, attempting to access a protected data set, or modify a system file. IT will report the violation to the Dean of Students Office, the Office of the Provost or the staff supervisor for appropriate disciplinary action.

BSA or Supervisor/Manager Request

If a UNM employee is leaving the university under administrative leave, his or her manager/supervisor, or the BSA for that department, may request that the employee’s NetID account be locked. Requests may be phoned in to IT Security, 505.277.0930 for immediate locking. The manager/supervisor or BSA must follow up the request with an email or other documentation describing the reason for the locking request.

Compromised Password

Accounts whose passwords have been compromised will either be locked or placed in the verification shell. Upon the next login attempt, the verification shell will require the person to enter personal information that should be known only to the legitimate account owner. If the individual cannot provide the correct information, the account will be locked. The account owner must contact IT Customer Support Services, 505.277.5757 to have the account unlocked.

Compromised or Stolen Accounts

IT immediately locks an account if there is adequate reason to believe the account has been compromised or stolen by an intruder.

Examples of adequate reason include existing evidence that the owner is not using the account, and the presence in the account of programs used exclusively for breaking computer security or damaging computer systems.

Following are specific situations that might indicate an account has been compromised or stolen and that could result in the locking of the account:

• A customer reports to IT that he or she cannot run the Create a New NetID program because someone else has already created an account using his or her identity.

• The Security Administrator or systems personnel notice abnormal login activity, such as one account being logged into simultaneously from multiple sites, or a customer telling IT that someone was bragging about stealing an account. The legitimate account owner must contact the Security Administrator or the UNIX Coordinators to have the account unlocked.

• An account is used locally during a period of time when the owner has notified the Security Administrator, the ACF2 Administrator or a Business Security Administrator (BSA) that he or she is on vacation or otherwise absent. The legitimate account owner must contact the Security Administrator upon returning to have the account unlocked.

• A user attempting to log in to an IT resource from off-site is unable to provide the personal information required by the verification shell.

• A BSA believes that an administrative account has been compromised and asks IT to lock the account. The legitimate account owner must contact the ACF2 Administrator, the BSA or the Security Administrator to have the account unlocked.

Delinquent Pay-for-Use Accounts

If a pay-for-use account is 90 days past due, and no payment is received within the next 30 days, the account will be locked. The account holder must contact the Support Center to request reinstatement of the account.

Department/Organization Account Violations

Department or organization multi-user accounts are subject to locking for any of the violations listed in this policy. Unlocking a multi-user account could take longer than an individual’s account because the investigation process is more complex. The designated department or organization representative must contact the Security Administrator or the BSA to have the account unlocked.

Harassment

If a NetID holder receives harassing e-mail from another NetID holder, IT will lock the offender's account if:

• the incident of harassment has rendered the victim’s account unusable, or
• the harassment is a documented second offense.

IT will make an effort to contact the offender before locking the account and attempt to resolve the situation. In addition, IT will provide the victim with information on how to respond to harassing emails and deter future harassment.

Victims of harassment are advised to:

• Keep copies of all e-mails to and from the harasser.
• Reply clearly and rationally to the harasser that you do not want to receive any more e-mails from that person.
• Refrain from engaging the harasser in a prolonged, back-and-forth correspondence.
• Notify the Assistant Dean of Students if the harasser is a student or the staff supervisor if the harasser is a UNM employee.
• Notify the police if you feel in danger or are aware of illegal activity involving the harasser.

Misuse/Abuse of System or Network Resources (Third Event)

A third incident of misuse or abuse of IT system or network resources will result in the temporary or permanent account locking, depending on the nature of the violations. Certain kinds of misuse or abuse could result in disciplinary action by the University.

Examples of system/network misuse and abuse include, but are not limited to, the following:

• repeatedly leaving an e-mail spool so large that no other users on the system can receive e-mail
• repeatedly exceeding disk space allocations
• using a UNM NetID account to sell or otherwise distribute copyrighted materials through electronic means, such as Web pages, FTP, email, etc.
• repeatedly writing programs that allocate huge amounts of memory
• using a NetID account to send e-mail chain letters
• rendering IT computers or the accounts of other NetID holders unusable

First and Second Warning
After the first incident, IT will send an email to the account holder warning them of the violation. The account holder will also be provided with a copy of UNM’s Acceptable Computer Use policy.

If the account holder commits a second violation, IT will send a second warning e-mail. The offender will be required to certify by e-mail that they have read and agree to abide by the UNM’s Acceptable Computer Use policy.

After each violation the IT Security Administrator will contact the account holder by e-mail and explain how the offending activities caused a problem for IT systems.

Third Event
After the third incident of misuse or abuse, IT will lock the account. A report of the violation will be forwarded to the Dean of Students Office, the Office of the Provost or the staff supervisor for possible disciplinary action. The offender must contact the IT Security Officer to receive training on the proper use of his or her account and must sign a User Reinstatement Form.

Multiple or Varied Off-Site Logins

NetID accounts with multiple or varied off-site logins will be placed in the verification shell. Upon the next login attempt, the verification shell will require the user to enter personal information that should be known only to the legitimate account holder. If the user cannot provide the correct information, the account will be locked. The user must contact IT Customer Support Services, 505.277.5757 to have the account unlocked.

Post-Reinstatement Violations

NetID account holders who commit a second locking violation after signing a User Reinstatement Form may be subject to losing their IT computing privileges permanently. The violation will be reported to the Dean of Students office, the Office of the Provost or the staff supervisor for possible disciplinary action.

Violations of UNM's Acceptable Computer Use Policy in IT Computer Pods

IT computer pod managers may request that an account be locked for violations of UNM’s Acceptable Computer Use policy observed in IT computer pods. The pod manager will e-mail or meet with the offender to educate him or her about proper use as outlined in the Acceptable Computer Use policy.

Examples of violations that could result in account locking include:

• game playing on IT computers during restricted hours
• malicious or repeated misuse of pod or IT resources or equipment
• printing sexually explicit material, if it can be viewed by others, or refusing to remove sexually explicit images from the workstation screen, if images can be viewed by others.
  
  Note: Printing sexually explicit images on IT printers is a locking violation.

The pod manager will send an e-mail to the offender summarizing their meeting. This email is cc ’d to the IT Security Administrator, and the Dean of Students, the Office of the Provost or the offender’s supervisor.