NB_270_21_4 - NB 270-21-4 IRM – Review of Enterprise Active Directory (EAD) Accounts, Shared Mailboxes, and Resource Accounts
NB 270-21-4 IRM – Review of Enterprise Active Directory (EAD) Accounts, Shared Mailboxes, and Resource Accounts
National Bulletin: 270-21-4 Date: June 10, 2021
Subject: IRM – Review of Enterprise Active Directory (EAD) Accounts, Shared Mailboxes, and Resource Accounts


Action Required By:  July 9, 2021
 
Purpose.  Review and, as needed, removal of EAD accounts, shared mailboxes, and resources accounts.   
 
Expiration Date.  September 30, 2021
 
Background.  The Department is getting low on available Office 365 licenses and NRCS has approximately 850 inactive EAD accounts. Deleting an EAD account will also remove the associated Office 365 account. NRCS pays an annual foundation service fee ($458) for Office 365 accounts.

Shared mailboxes and resources accounts need to be reviewed and removed if no longer used. Several of these have been setup over the years and are no longer needed, such as a shared mailbox to reserve a vehicle. The Vehicle Management Tool may have eliminated the need for the shared mailbox.
 

Explanation.  Information systems security points of contact (ISSPOC) have access to a SharePoint site where the list of inactive EAD accounts is updated bimonthly (every two months). ISSPOCs need to periodically review this list and take appropriate action. If the EAD can be deleted, an ISSPOC can use the “Agency SAAR Delete” request that can be found in the CEC digital workplace (REMEDY). The list will also be emailed to State conservationists, deputy chiefs, and assistant State conservationist management and strategy.

Note: If there is a person on the list who is not in REMEDY, send the name to jeremy.bennett@usda.gov. Jeremy Bennett will consolidate the names and provide them to Information Assurance Service Desk (IASD) for removal from EAD. If the names have not been removed from EAD per your request, contact Jeremy Bennett as your IASD POC liaison to remedy the issue(s).

ISSPOCs have access to the list of shared mailboxes and resource accounts. The list will also be emailed to State conservationists, deputy chiefs, and assistant State conservationist management and strategy. If the shared mailbox or resource account can be deleted, an ISSPOC can use the “Resource Account / Shared Mailbox” request that can be found in REMEDY https://usdacts-myit.fed.onbmc.com/dwp/app/#/itemprofile/11631.

There is a bimonthly call for ISSPOCs, titled “IAB/ISSPOC Monthly Conference Call,” held the second Tuesday from 2–3 pm EDT. If you are an ISSPOC and don’t have this meeting invite, please send an email to FPAC.InformationAssuranceServiceDesk@usda.gov with a cc to Jeremy.bennett@usda.gov.

 
Contact.  Questions can be sent to Jeremy Bennett at jeremy.bennett@usda.gov or (202) 720-0244.
 
 

 /s/

LOUIS ASPEY
Deputy Chief for Management and Strategy

 
 
[NB_270_21_4 - ]