IA-4 Identifier Management

Description

Common device identifiers include, for example, media access control (MAC), Internet protocol (IP) addresses, or device-unique token identifiers. Management of individual identifiers is not applicable to shared information system accounts (e.g., guest and anonymous accounts).

Typically, individual identifiers are the usernames of the information system accounts assigned to those individuals. In such instances, the account management activities of AC-2 use account names provided by IA-4.

This Control also addresses individual identifiers not necessarily associated with information system accounts (e.g., identifiers used in physical security control databases accessed by badge reader systems for access to information systems).

Preventing reuse of identifiers implies preventing the assignment of previously used individual, group, role, or device identifiers to different individuals, groups, roles, or devices.

Applicability

This Control applies to all TAMU-CC information resources.

The intended audience for this Control includes all owners and custodians of information resources.

Implementation

TAMU-CC manages information system identifiers by:

Receiving authorization from Owners and Custodians to assign an individual, group, role, or device identifier;
Selecting an identifier that identifies an individual, group, role, or device;
Assigning the identifier to the intended individual, group, role, or device;
Preventing reuse of identifiers;
Disabling the identifier after ninety (90) days of inactivity for all accounts except student accounts. Student accounts shall be disabled three hundred sixty-five (365) days after the final day of the last enrolled term; and
A user’s access authorization shall be appropriately modified or removed when the user’s employment or job responsibilities within the state organization change.

Revision History

Last Updated: February 21, 2025

Previous Versions:

June 29, 2023
May 31, 2022
March 25, 2021
September 16, 2019