Departments may use more strict requirements. This Standard doesn’t take the place of password policy in your unit or department that has stricter requirements. Follow the University Incident Management Procedure to report a compromise. If you suspect someone knows your passphrase, you need to report it. The University also needs to be able to trace access to individuals on its systems. You also need to meet the requirements for any devices that have University Sensitive Information. You need to meet the requirements in this standard when you use a passphrase to any devices that connect to a University network. This includes individual, administrator, and service accounts. You need to use a password, passphrase, or other approved authentication method for all University accounts. If you fulfill the duties of a system or application administrator or have other privileged technology roles, you have more responsibilities under this Standard. ScopeĮvery person connected with the University including contractors and vendors. You may always choose to exceed these requirements. Your group, unit, or department may have more standards, or specific system security requirements. This standard sets the requirements you must at least meet. The Information Security Office (ISO) supplies training, security awareness events and activities, and other information to help you. We encourage you to use strong passphrases and methods beyond these requirements. For example, you must select passphrases that meet or exceed these standards, even when a system would allow a weaker one. NOTE: You must meet the requirements even if a system does not make you meet them. You need to be sure that reporting is compliant with University policies. If you suspect your password or passphrase has been compromised, you must report it at once. The University needs to be able to trace the use to a person. You also need to meet the requirements below for any systems that work with University data. Accounts for individual people, administrators, and system accounts are all included. Following this standard is essential to protect University information and systems.Īll methods you use to access systems that connect to the University network need to meet the requirements described below. You may also affect necessary University services. You may expose Sensitive Information if you don't take steps to protect that information. passphrases consisting of multiple words (recommended), and. The University of North Carolina at Chapel Hill ("University" or "UNC-Chapel Hill") controls access to such information by using: Many data security incidents result from unauthorized access to information stored on computers. University of North Carolina at Chapel Hill Standard on Passwords, Pass-phrases, and Other Authentication Methods Introduction Purpose
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |