Identity management is an important aspect of information technology security. Employee logins are requested by Human Resources at the time of hire and are terminated when Human Resources notifies ITS the person is no longer employed. Accounts will not be created without Human Resources requesting them.
All users, whether internal, external, or temporary, and their activity on all IT systems should have User Ids that:
System Owners are responsible for maintaining user identification and access rights in a centrally managed repository.
Passwords shall be the minimum acceptable mechanism for authenticating users and controlling access to information systems, services and applications unless specifically designated as a public access resource. All users (students, employees, contractors, and vendorsshall take the appropriate steps to select and secure their passwords. Failure to use a strong password or using a poorly chosen password when accessing information assets may result in the compromise of those assets.
This standard is designed to comply with applicable laws and regulations. However, if there is a conflict, applicable laws and regulations will take precedence.
Secure your device
All devices permanently or intermittently connected to CSU networks must have password access controls
Secure your data
Restrict access based on the need-to-know; privileges must not be extended unless a legitimate business-oriented need for such privileges exists
Secure your Password
All passwords shall be treated as sensitive, confidential information and shall not be shared with anyone including, but not limited to, administrative assistants, system administrators and/or helpdesk personnel or other members of ITS
Select Strong Passwords
Strong passwords shall be constructed with the following characteristics:
Secure from external access
Username and Passwords
You should never share your password with anyone. Nor should anyone allow someone else to use your ID and password. In many cases, log files are maintained and you are responsible for activity by your user account.
A user must be verified before they can gain access to files on a machine. This means that they must login to the machine and not be able to bypass the login. Windows XP or later OS should not be used.
Group passwords are any password and userid that is used by more than one person, such as 5 people logging into Banner using the same userid and password. Each person accessing a resource should have their own userid and password on that resource.