This page outlines the rules for granting extra permissions to UMD end users. Departmental IT staff must handle requests and approve permission upgrades in adherence to these criteria.
Criteria for granting elevated privileges
-
The Company Portal/Self Service is the intended method for end user-installed applications. Where possible, applications should be requested to be added to the Company Portal. Updates to Company Portal/Self Service software, operating systems and drivers are managed centrally.
-
The requirement for elevated permissions should be ongoing. Enhanced permissions are not appropriate for occasional usage. Users should contact their local IT Service Desk for one-off or occasional installs
-
All requests must have a valid use case. It must detail how standard user permissions impact the users ability to perform their role or engage in research.
-
All University-owned devices must comply with the University of Cambridge Information Security Policies.
-
Additional permissions are not a right and can be revoked if abused. For example,
- Using administrative rights to disable or edit management functions of the device
- Installing unlicensed software
Examples of valid use cases
- Running a software package that requires extra rights each time it is launched.
- The role requires routine installation of software not suitable for installation through Company Portal/Self Service.
Examples of invalid use cases
- Requesting additional rights without a supporting case as the user had them before.
- Installing a single piece of software that could be done by local IT staff instead.
- Installing software already available on the Company Portal or Self Service.
- "I want to change the settings on my device."
How to grant elevated permissions
If the user meets the criteria above, you can follow the instructions to grant them elevated permissions.