Skip to main content

Policies

Go Search
Home
  
Policies > Wiki Pages > Systems Passwords  

Systems Passwords

Purpose:

To ensure the security of systems passwords

 

 

 

Statement:

All systems passwords will be stored in a central encrypted location.  Access to this directory is restricted to the college's Chief Information Officer and the Chief Security Officer.

 

 

 

Description:

All systems passwords that are not tied to a user's active directory credentials will be stored in a central encrypted location. 
 
  • Access to this directory is restricted to the college's Chief Information Officer and the Chief Security Officer. 
  • System passwords are made available to relevant staff only through the approval of the college's Chief Information Officer or the Chief Security Officer.
  • All systems passwords will be expired every 90 days, effective May 1, 2009.
  • The College's Chief Security Officer will maintain a directory of authorized personal who have access to specific systems passwords.  This directory will be reviewed every thirty days and also in the event of a personnel action.
  • The dissemination of systems passwords to outside agencies and third party vendors is prohibited without the written permission of the college's Chief Information Officer or the Chief Security Officer.
  • Outside agencies and third party vendors who do require systems passwords will be assigned a unique login account.  The passwords associated with these accounts will expire every thirty days or on termination of any contractual agreement.

 

 

 

Additional Information:

 

 

Approved By: Don Vescio

 

 

Date of Origination: 2/9/2008

 

 

Last modified at 7/2/2009 7:55 PM  by Vescio, Donald