Security Policies
Forms
Passwords
- One password per account. Do not share passwords.
- Do not place your password in programs, command files, or function keys.
- Do not use personal names as passwords
- Do not use words found in a dictionary. Use word combinations, such as coffee-tuna. Use embedded characters and numbers, such as algor1thm.
- Do not use words having to do with astronomy as passwords.
- Passwords should be as long as possible (minimum 8 characters).
- Passwords must be changed frequently (at least every 90 days); do not reuse passwords.
- Do not use the same password that you use on non-Institute computers. Use different passwords on different classes of computers within the Institute. This will prevent breakins from spreading.
Other Issues
- If a workstation seems to have crashed or hung, notify the operators or system managers. Rebooting is only allowed as a last resort, in which case all error messages and procedures should be provided to system managers or operators as soon as possible. Be able to explain the circumstances under which the system crashed or hung.
- Each user must protect his or her own files from unwanted access. (See "Understanding Protection Codes" on page 54).
- Each user must monitor login failure messages and last login dates to verify that there were no breakins or attempts. Any unexpected failure messages must be reported immediately to the system managers.
- Institute accounts may not be used to make unauthorized access to operational computers or to systems on any computer network.
Privileged Accounts
- Privileges will be used only to accomplish specific job duties, as specified in the privileged account request form.
- No unauthorized access of data or other files is allowed.
- No unauthorized access of electronic mail is allowed.
- Process priorities may not be adjusted.
- No tampering with devices, process quotas, or system configuration parameters is allowed.
- Passwords
-
- Other Issues
-
- Privileged Accounts
-
Generated with CERN WebMaker