This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
FAQ Log in to ask a question

Procedures for suspending and deleting student and staff accounts

panderson
Contributor III

‎09-14-2023 11:57 AM

I know this has been asked many times in the past, but not here, so I figured I would ask here.  I am trying to put together a policy on when accounts should be suspended and when they should be deleted.   Right now, we tend to delete student accounts within two years (no time is officially set) and we have never deleted staff Google accounts.  What does everyone else do or recommend regarding deleting student and staff Google accounts?  🤔

 

Topics:
Reply
4 REPLIES 4

rdnixon
Contributor

‎09-14-2023 12:13 PM

Entirely automated. When they are down as leavers on the MIS, they are suspended immediately. Student accounts are deleted after 1 year and staff 2. We backup Workspace data and can restore data from a deleted account up to the retention period we set. Works for us.

Reply

Kim_Nilsson
Admin Moderator

‎09-14-2023 10:49 PM

We are also fully automated, and it's the only way I can recommend.

Automation can be done with whichever tool you want. Scheduling gam works great, based off some source CSV that is automatically and regularly updated. GCDS or the built-in Directory Sync are other ways, or with some other identity management tool with API capabilities.

Set a retention period (it can be whatever you want) and then stick to it. It's fine to have different periods for students and staff. Motivate why they are chosen, and then you're set.

There are also zero valid reasons to keep any real user accounts forever, nor to ever create/keep alumni accounts. that's just wasting resources you need for active users. Do note that I don't count utility/service accounts to "real users", as they are not supposed to be used for logging into things, but to manage services and/or necessary processes, which should never be owned by real-user accounts.

--
https://wheretofind.me/@NoSubstitute
Reply

slvandewalle_gb
New Contributor III

‎09-15-2023 11:23 AM

One thing to consider before you start deleting accounts is that when you delete the account any data associated with that account in vault is also deleted.

Reply

Kim_Nilsson
Admin Moderator

‎09-15-2023 02:57 PM

Yes, it's very important to understand how Vault works. It's not a real backup service.

It's a mirror with retention.

As long as the user exists, you can show a reflection of the user's data, even after the user has deleted it, but as soon as the user is deleted so is the reflection/data.

--
https://wheretofind.me/@NoSubstitute
0 Kudos
Reply
Related Content
  • © 2023 Google. All rights reserved.
  • Privacy Policy
  • Terms of Service
  • Community Guidelines