The objective of this procedure is to define how to request an ePantherID change. This procedure will provide background, relate the procedure to the UW – Milwaukee Information Security Policy, and define the framework needed to respond to an ePantherID change request. This procedure will go into effect after approval and remain in effect until changed or revoked.
A consistent process for issuing electronic identifiers to the UW – Milwaukee community is fundamental for the operation of a secure and efficient identity management system. Automated processes for issuing the electronic identifier known as the ePantherID have been implemented based on campus processes used to enroll students and hire staff. The automated processes utilize portions of the legal name of the individual to derive a unique identifier of between 2 and 8 characters. Frequently, numbers are incorporated to help provide uniqueness in cases of common names.
The ePantherID is used to provide secure and auditable access to services utilized by the UW – Milwaukee community. The ePantherACCOUNT Provisioning Service automates processes to enable access to services administered by UITS as well as other services administered by the greater UWM community. The changing of an ePantherID for an individual affects the automated provisioning processes as well as the overall security and auditability of access to any services utilized by the individual.
The UW – Milwaukee Information Security Policy provides for the development of procedures to support the secure operation of IT systems. Given that changing the ePantherID has impacts on the security and auditability of services, the procedure to do so falls under the umbrella of the UW – Milwaukee Information Security Policy
( http://www4.uwm.edu/secu/docs/other/S_59.pdf ) and such procedures are authorized in section III-D of the policy.
It is recommended that an individual retain the ePantherID issued for the duration of an individual’s interaction with the UWM community. However, there may be instances where an individual may want to request a change. This procedure provides a framework to request and process ePantherID change requests and attempts to balance the desires of community members with the security needs, audit requirements, and resources available to manage services provided to the UW – Milwaukee community. This procedure provides a framework to request changes to the ePantherID in four specific situations.
The following situations will be processed upon contact with the UWM Help Desk and entry of a change request:
- After a legal name change has been registered with either the Department of Enrollment Services in the case of students eligible to enroll for instruction or the Human Resources Office in the case of staff under a current work contract, the individual may make a request to change their current ePantherID. A new ePantherID will be issued based on the new legal name.
- In the event of a data entry error leading to an incorrectly represented legal name, after the legal name has been corrected, the individual may make a request to change their current ePantherID. A new ePantherID will be issued based on the corrected legal name.
The following situations will be processed at the discretion of the UWM Account Administration Office after contact with the UWM Help Desk and entry of a change request:
- The issued ePantherID results in a word or phrase that is generally accepted to be offensive or inappropriate. The current ePantherID will be taken out of service and a new ePantherID will be issued.
- The issued ePantherID results in a word, phrase or number combination that is considered offensive or inappropriate from the ethnic or cultural perspective of the ePantherID holder. The current ePantherID will be taken out of service and a new ePantherID will be issued.
It is recognized that there may be many other valid situations to request the change of the current ePantherID. The context of these varied situations is often required to determine the validity of the request, especially in cases where there is a security, legal, disciplinary, or audit related component to the request. To accommodate the variety of possible situations, all other requests to change an issued ePantherID may be appealed to the UITS IAM Program Sponsors using the appeal procedure in the next section. Cases where the UWM Account Administration Office uses its discretion to decline a request also may be appealed using the same procedure.
An individual may ask to appeal a change request that is not addressed by one of the four specific situations or in the case where the UWM Account Administration Office has declined a change request. The following procedure should be used to request a change by appeal from the UITS IAM Program Sponsors.
- The individual prepares a written justification explaining the context of the change request. The justification should speak directly to why the currently issued ePantherID hinders the individual’s ability to complete academic activities or conduct university business effectively.
- The individual contacts the UWM Help Desk asking for an ePantherID change by appeal.
- The UWM Account Administration Office will contact the individual, review the justification for completeness and verify the individual understands the appeal process. If the justification is complete, the UWM Account Administration Office will provide information for submission of the justification to the IAM Program Manager.
- After submission of the justification, the IAM Program Manager will contact the individual via email to the current ePantherID or alternate email account and provide initial feedback on the written justification before submission to the IAM Program Sponsors. Part of this feedback will be an initial assessment of the merit of the request based on past appeal history. The individual may choose to continue with the appeal process or withdraw the appeal based on this initial
- If the individual chooses to continue with the appeal, the IAM Program Manager will forward the justification to the IAM Program Sponsors for adjudication and be responsible for communicating the outcome to the
individual and the UWM Account Administration Office.
- The outcome based on a submitted justification to the IAM Program Sponsors is final.
Terms and Conditions
For ePantherID Change Requests
- The UWM Account Administration Office has 5 university business days to acknowledge a change request via email.
- The UWM Account Administration Office has 10 university business days from the time the change request was acknowledged to complete approved changes unless the individual’s schedule does not permit completion of the request in the allotted time.
- The UWM Account Administration Office will contact the individual to schedule the ePantherID change with at least 2 university business days of advanced notice.
- The UWM Account Administration Office has 1 university business day to execute the ePantherID rename process during which time the individual will not have access to services accessed using the ePantherID.
- The UWM Account Administration Office will facilitate the transfer of individual data to the new ePantherID for the following services:
- pantherLIST – Only lists owned by the individual
- Other than the services listed above, UITS cannot guarantee the transfer of any other data to the new ePantherID and it will be the responsibility of the individual to take steps to retain any desired data before the change is processed.
- Once the change is processed, the old ePantherID and any services accessible by the old ePantherID will be permanently disabled and subject to remediation during the next account deprovisioning cycle.
For ePantherID Change Appeal Requests
- The UWM Account Administration Office has 5 university business days to acknowledge an appeal request via email.
- The IAM Program Manager or a designate has 10 university business days from receipt of the justification from the individual to provide feedback to the individual via email.
- The IAM Program Manager or a designate has 5 university business days from providing feedback to submit the appeal to the IAM Program Sponsors.
- The IAM Program Sponsors have 10 university business days to adjudicate the appeal and respond to the IAM Program Manager or a designate from the time of submission by the IAM Program Manager or a designate.
- The IAM Program Manager or a designate has 2 university business days from receipt of an outcome to communicate by email theoutcome to the individual and the UWM Account Administration Office.
Vetting and Approval
The procedure will be vetted with the following operational teams:
- Account and Access Management Team
- UITS Operations Team
- IAAM Steering Committee
- Division of Enrollment Services Leadership
- UWM Human Resources Leadership
The Procedure will be approved by the following individuals:
- UW – Milwaukee Information Security Officer
The Procedure will be implemented by the UWM Account Administration Office in collaboration with the IAM Program Manager. Implementation to include:
- Publication of the procedure on a public web site
- Publication of a “Just the Facts”
- Revision of operational procedures and documentation used by UWM Account Administration Office
- Development of an operational procedure that coordinates the efforts of service operational teams to facilitate the timely changing of ePantherIDs.
- Draft – RANKM – 20100831
- Edits based on feedback from MZWOO, SAB2 and BETHS – RANKM –
- General edits and revisions – RANKM – 20100908
- Edits based on feedback from SAB2, DAVIDC, UITS Operations Team and Account and Access Management Team – RANKM – 20100924
- Edits based on feedback from DES, HR and IAAM Steering Committee to clarify that all other situations, including those related to security, legal or audit issues should be addressed via the appeal process – RANKM 20101022
- Edits for grammar and spelling – RANKM – 20101022
- Edit to specify that the IAM program manager will provide feedback via email for appeal requests – RANKM – 20101022
- Final draft approved by IAAM Steering Committee and ready for approval – RANKM – 20101028
- Approved under UWM Information Security Policy as per SAB2 – RANKM – 20101108