[committee] Draft account locking guidelines

David Adam zanchey at ucc.gu.uwa.edu.au
Tue Mar 17 21:50:21 AWST 2009 

There's a bit of discussion on the wheel list at the moment about the 
threshold and protocol for account locks and unlocks. We had a similar 
argument on committee in 2006, and I tried to draft a policy that never 
really got finished, for reasons I can no longer recall.

Here is the (incomplete) draft; there is probably some work to be done in 
reducing my verbosity.

David Adam
UCC Committee 200{4,6,7,9} :-)
zanchey@

------

UCC network accounts are a privilege of membership, not a right. This 
policy outlines the reasons for which a member's access to his or her 
accounts may be suspend (locking of account), and the procedure for 
reinstution of access (unlocking).

This policy is a guideline for the various groups involved in managing UCC 
accounts and facilities. It is not definitive; the UCC Committee may vary 
the rules and procedures in this policy as they see fit.

Accounts may be locked for the following reasons:
- Breach of the UCC UNIX/Network Account policy,
  and, by extension, the UWA Network and Security Policy; or
- Abuse of the clubroom resources (e.g., not maintaining a reasonable 
  level of tidyness).

The act of locking an account must be performed by a Wheel member, 
although members of Door group are able to request that an account be 
locked for the second reason mentioned above. The technical methods of 
locking an account are beyond the scope of this document; members of Wheel 
group are expected to familiarise themselves with the procedure.

As well as disabling access to the account, the Wheel member responsible 
should:
- Notify the member, preferably via electronic mail to a non-UCC address.
- Notify the committee (committee-only at ucc.gu.uwa.edu.au) and the other 
  members of Wheel group (wheel at ucc.gu.uwa.edu.au).
# Do we need door group here? After all, not having an account is supposed 
to remove you from the clubroom, too.

Once an account is locked and committee is notified, the account may only 
be unlocked by a motion from the committee. Consequently, the matter 
should be discussed at the next committee meeting. Both the member whose 
account has been locked and the Wheel/Door member who has requested the 
account suspension should be allowed to present their points of view if 
they wish.

The committee should then come to a decision about the action to be taken. 
Ideally ## no idea how I was going to end this sentence.

Exceptions to this policy:
- Accounts locked after expiry of membership. These accounts may be 
  reinstated on presentation of a current membership card to a Wheel or 
  Door member.
- Accounts locked for security reason; for example, weak passwords. These 
  accounts may be reinstated once a Wheel member is satisfied that the 
  account no longer presents a significant security risk to the member and 
  Club.

More information about the committee mailing list