IT Account and Access Procedure
|
|
- Hillary Nelson
- 8 years ago
- Views:
Transcription
1 IT Accunt and Access Prcedure
2 Revisin Histry Versin Date Editr Nature f Change 1.0 3/23/06 Kelly Matt Initial Release
3 Table f Cntents 1.0 Overview Purpse Scpe Passwrds User Requirements Technical Requirements Prcedural Requirements Bad Passwrd Practices: Passwrd Self Service Accunt Management Accunt Taxnmy Granting Access Administrative Accunts: Administrative Accunt Passwrd Requirements: Tw-factr authenticatin fr Administrative Accunt:. Errr! Bkmark nt defined. 5.4 Temprary Privilege Accunts: Reevaluatin f System Access Revking Access Enfrcement Related Plicies, Prcedures, and Cdes f Cnduct Appendix A: Active Directry Passwrd Cnfiguratin... 5 Appendix B: IT Accunt and Access Prcedure Exceptin... 6
4 1.0 Overview All individuals wh access the University f Nrthern Clrad s cmputing infrastructure have a respnsibility t safeguard these systems and data. User accunts and passwrds are tw mechanisms thrugh which this is accmplished. This prcedure establishes the rules by which user accunts and passwrds shuld be managed and used n any cmputing resurce belnging t the University. 2.0 Purpse The ability t access infrmatin and/r applicatin systems within UNC s cmputing envirnment must be based n clearly defined business requirements. This dcument aids in establishing clear definitin fr accunt and passwrd management. 3.0 Scpe This Prcedure applies t emplyees, cntractrs, cnsultants, temprary emplyees, and ther wrkers at UNC including all persnnel affiliated with third parties. This Regulatin applies t all equipment that is wned r leased by UNC. 4.0 Passwrds Passwrds are an imprtant frm f prtectin used t ensure that the University s infrmatin is stred and prcessed in a secure manner. Due t this, passwrds must be defined and implemented in accrdance with a minimum set f standards. This sectin establishes the rules by which passwrd shuld be assigned and used n any cmputing resurce belnging t the University 4.1 User Requirements Users are respnsible fr all activity perfrmed with their individual user-id. User-IDs may nt be utilized by anyne the individuals t whm they have been issued. Users must nt allw thers t perfrm any activity with their user-ids. Similarly, users must nt perfrm any activity with IDs belnging t ther users. Users must chse their wn passwrds. They shuld nt be easily guessed but easy enugh fr the user t remember withut writing it dwn. Users are respnsible fr maintaining the security f their passwrds. Passwrds shuld NEVER be shared, written dwn, r stred electrnically. If a user must write a passwrd dwn, it shuld never be written n smething that can be assciated with the user (i.e. business cards). If passwrds need t be stred electrnically an encryptin schema that is apprved by the Office f Infrmatin Security must be used. (See Appendix B IT Accunt and Access Prcedure Exceptin) The sharing f a single user ID r assciated passwrd amng several users is prhibited Prir t receiving an accunt, all users must sign a statement acknwledging that they have received and reviewed the university s IT acceptable user regulatin. Access t varius types f infrmatin may be blcked. Individuals will be required t btain apprpriate apprval prir t being allwed access. Individuals accessing university data withut a valid business need may be subject t disciplinary actin. If a user believes their passwrd has been cmprmised, the user shuld cntact the UNC Technical Supprt Center immediately fr assistance. 4.2 Technical Requirements Persnal cmputers shall have a screen saver passwrd set t autmatically engage after 10 minutes f inactivity. Where technically feasible all systems will at a minimum prmpt fr user ID and emply passwrds fr accunt access. All accunts must be disabled after 5 unsuccessful lgn attempts. Where technically feasible passwrd cmplexity must be prgrammatically enfrced. Passwrds must be a minimum f 9 characters lng fr all user accunts. Page 1 9/26/2006
5 Passwrds shuld nt be displayed in plain text n the mnitr when entered. Where technically feasible single-sign-n technlgy shuld be used. Passwrds must cntain characters frm at least three f the fllwing fur classes: Upper case letters Lwer case letters Numeric (0 t9), this shuld nt be the first r last character One special character, this shuld nt be the first r last character Where technically feasible a passwrd histry f 14 passwrds must be retained t limit passwrd reuse. Where technically feasible the minimum passwrd age shall be 1 day. User accunts must change passwrds every 90 days. Users must be able t change their wn passwrd independent f any external party. 4.3 Prcedural Requirements Administrative accunts must fllw the prcedures identified in sectin TSC persnnel must verify the identity f a user prir t resetting the passwrd. Identity verificatin may be dne by using vic call back r by sme ther apprved frm f identity verificatin. A system administratr must manually unlck accunts. New accunts r accunts fr which a passwrd has been reset must be set t expire at the next lgin attempt. Passwrds must nt be embedded in scripts r applicatin cde and will nt be used in URL passing. Fr internet applicatin, separate the delivery f user ID and passwrds is required. All new r reset passwrds must meet cmplexity rules and be randmly generated. N cmmn r default passwrds will be used. N default system and applicatin passwrds are allwed. Passwrds exempted frm regular changing must have an apprved exceptin. Exceptins must be apprved by the Office f Infrmatin Security and the apprpriate directr fr the respective IT unit. The passwrd will be a minimum f 12 characters (r the maximum permitted by technlgy, whichever is less) in length. Upn renewal f the exceptin, the passwrd must be changed. User accunts with nn-expiring passwrds are prhibited. 4.4 Bad Passwrd Practices: The fllwing are sme examples f practices and behavirs that can result in weak r bad passwrds. Under n circumstances shuld individuals use passwrds that utilize the fllwing: Passwrds that match the accunt ID Passwrds that cntain the user accunt wner s name, first middle r last. Passwrds that cntain the users bear ID r Scial Security number Any vendr r prduct name Any cnsecutive r repeating keybard characters e.g. 123, jkl Individuals are strngly urged t nt use the fllwing when creating there passwrds: The name f a fd, celebrity, sprt r sprts team IT Accunt and Access Prcedure Wrds that are fund in cmmn dictinaries English r therwise Using sequential passwrds Passwrds that cntain family member r pet names Page 2 9/26/2006
6 4.5 Passwrd Self Service Passwrd Self Service is a pwerful and very useful tl. This technlgy can reduce supprt csts and significantly reduce supprt calls. The benefits frm these tls are significant. Hwever, due t the very pwerful nature f these tls precautins must be in place t guard against misuse and abuse. The fllwing are base level guidelines that a passwrd self service slutin must meet. Servers and systems used t prvide passwrd reset activities must be sufficiently secured and have limited well defined access rights. All passwrd reset related activities must be handled via an encrypted channel At n pint in the passwrd reset prcess shuld any data used t reset passwrds be passed in clear text. Infrmatin gathered and used t perfrm passwrd resets must be sufficiently unique t the given individual. Infrmatin that a large number f individuals may have in cmmn shuld nt be used t reset user passwrds. Infrmatin gathered and used t perfrm passwrd resets must nt be easily guessed r easily btained. Examples include but are nt limited t the fllwing: Mthers maiden name Data f birth Place f birth Favrite Clr 5.0 Accunt Management User accunts are the primary frm f digital identity and access t UNC cmputing resurces. As such, it is vitally imprtant that these digital identities be managed in a cnsistent fashin. The fllwing utlines accunt management practices fr the University f Nrthern Clrad. 5.1 Accunt Taxnmy The fllwing naming standards will be used fr all accunts created within the universities cmputing envirnment. User accunts: first name.last name Administratr accunts: last.admin Service accunts: unique descriptin.service (In additin t a standard descriptins a primary cntact must be defined and dcumented in a descriptin r cmments field fr the accunt. The primary cntact shuld be defined by psitin as well as name.) 5.2 Granting Access Netwrk access must be granted based n business requirements. Privileges will be granted nly when there is a legitimate need. User accunts require prper authrizatin prir t being established. T maintain individual accuntability and system integrity, user IDs must be unique within and acrss cmputing platfrms. Each cmputer and cmmunicatin system user-id must uniquely identify nly ne user. Shared r grup user-ids are permitted nly when the use f a unique user-id is nt feasible. Exceptins must be dcumented and apprved by management and the Office f Infrmatin Security. 5.3 Administrative Accunts: Each request fr administrative rights will be made in writing and will include the fllwing: Justificatin fr the need fr the accunt Line management apprval Page 3 9/26/2006
7 Infrmatin Security Office apprval IT Management apprval Administrative Accunt Passwrd Requirements: Accunts that have elevated privileges must adhere t the fllwing passwrd requirements: All administrative, technical supprt accunts, and accunts deemed t have privileged access must change there passwrd every 45 days. These accunts, where technically feasible, must make use f a 14 character passwrd. Passwrd, where technically feasible, must cnsist f uppercase, lwercase, numbers, special characters, and extended ASCII characters. 5.4 Temprary Privilege Accunts: Temprary privilege accunts will be re-evaluated every 6 mnths. Temprary privilege accunts will nly be issued at the discretin f the UNC Infrmatin Security Office with the apprval f IT management. Duratin f such accunts will be negtiated based upn the business need and nly when there is n viable alternative slutin. These accunts will be limited in functin, allwed nly t perfrm the required task/s. Prjects: When privileges are granted fr a particular prject, these privileges will be revked at the cmpletin f the prject. 5.5 Reevaluatin f System Access System privileges shuld be reviewed n a peridic basic. Accunt and privileges that n lnger apprpriate must be prmptly revked. All user accunts that have been inactive fr 60 cnsecutive days will be reviewed, disabled, and deleted frm the system as necessary. New accunts nt activated within 14 days must be disabled. 5.6 Revking Access The fllwing guidelines specify the requirements fr separatin f emplyees and cntractrs. User accunt shall be immediately disabled upn separatin frm the university. As part f the separatin Human Resurces will submit a request t the TSC t have the accunt disabled. Reactivating an accunt that has been disabled will require the user t fllw the initial request prcess. 6.0 Enfrcement Thse fund t have vilated this regulatin may be subject t suspensin f cmputer access privileges. 7.0 Related Plicies, Prcedures, and Cdes f Cnduct. All applicable laws and University plicies, regulatins and prcedures bind UNC students and emplyees. UNC Acceptable Use Regulatin: Page 4 9/26/2006
8 Appendix A: Active Directry Passwrd Cnfiguratin Active Directry Passwrd Plicy Setting: Plicy Enfrce passwrd histry Maximum passwrd age Minimum passwrd age Minimum passwrd length Passwrd must meet cmplexity requirements Stre passwrds using reversible encryptin Setting 14 passwrds remembered 90 days 1day 9 characters Enable Disabled Accunt Lckut Settings: Plicy Accunt lckut duratin Accunt lckut threshld Reset accunt lckut cunter after Setting lckut until unlcked by admin 5 invalid lgn attempts 30 minutes Page 5 9/26/2006
9 Appendix B: IT Accunt and Access Prcedure Exceptin IT Accunt and Access Prcedures exceptin can nly be granted after a security review and with applicable functinal area directr apprval. Exceptins will nly be granted in cases where there is a well justified need and business case fr nt adhering t IT Security Prcedures. Mitigating cntrls will be required in any case were an exceptin t this prcedure is granted. These cntrls must be apprved by the Office f Infrmatin Security and dcumented in this frm. Exceptins are granted fr a maximum f 12 mnths but can be granted fr intervals shrter then 12 mnths. Upn expiratin f an exceptin a review will be cnducted with the requester and the validity f the exceptin examined. If the exceptin is still deemed necessary and prudent the requester must submit a new exceptin frm fr the new time perid. Passwrds fr the accunt must be changed at the expiratin f any given exceptin. Requester: Psitin: Department: Accunt Name: Technical Reasn fr Exceptin: Business Justificatin: Security Requirements and Mitigating Cntrls: Security Apprval Print Name: Sign: Date: Unit Directr Apprval: Print Name: Sign: Date: Exceptin Terminatin (Max 12 Mnths): Page 6 9/26/2006
5.2.1 Passwords. Information Technology Policy. Policy. Purpose. Policy Statement. Applicability of this Policy
Infrmatin Technlgy Plicy 5.2.1 Passwrds Plicy Area: 5.2 Security Title: 5.2.1 Passwrds Issued by: Assistant Vice-President/CIO, ITS Date Issued: 2006 July 24 Last Revisin Date: 2011 Octber 19 Apprved by:
More informationChristchurch Polytechnic Institute of Technology Access Control Security Standard
CPIT Crprate Services Divisin: ICT Christchurch Plytechnic Institute f Technlgy Access Cntrl Security Standard Crprate Plicies & Prcedures Sectin 1: General Administratin Dcument CPP121a Principles Infrmatin
More informationVCU Payment Card Policy
VCU Payment Card Plicy Plicy Type: Administrative Respnsible Office: Treasury Services Initial Plicy Apprved: 12/05/2013 Current Revisin Apprved: 12/05/2013 Plicy Statement and Purpse The purpse f this
More informationSecurity Services. Service Description Version 1.00. Effective Date: 07/01/2012. Purpose. Overview
Security Services Service Descriptin Versin 1.00 Effective Date: 07/01/2012 Purpse This Enterprise Service Descriptin is applicable t Security Services ffered by the MN.IT Services and described in the
More informationUniversity of Texas at Dallas Policy for Accepting Credit Card and Electronic Payments
University f Texas at Dallas Plicy fr Accepting Credit Card and Electrnic Payments Cntents: Purpse Applicability Plicy Statement Respnsibilities f a Merchant Department Prcess t Becme a Merchant Department
More informationNorwood Public Schools Internet & Cell Phone Use Agreement School Year 2015-16
Yu must read and agree t fllw the netwrk rules belw t use yur netwrk accunt r access the internet. Nrwd Public Schls makes available t students access t cmputers and the Internet. Students are expected
More informationHillsborough Board of Education Acceptable Use Policy for Using the Hillsborough Township Public Schools Network
2361/Page 1 f 6 Hillsbrugh Bard f Educatin Acceptable Use Plicy fr Using the Hillsbrugh Twnship Public Schls Netwrk It is the gal f the HTPS (Hillsbrugh Twnship Public Schls) Netwrk t prmte educatinal
More informationTechnical Writing - TheUsers Visa (SHR User Accunt)
POLICY Number: 7311-25-004 Title: Saskatn Health Regin User Accunt Plicy Authrizatin [ ] President and CEO [X] Vice President, Finance and Crprate Services Surce: Directr, Infrmatin Technlgy Services Crss
More informationCOPIES-F.Y.I., INC. Policies and Procedures Data Security Policy
COPIES-F.Y.I., INC. Plicies and Prcedures Data Security Plicy Page 2 f 7 Preamble Mst f Cpies FYI, Incrprated financial, administrative, research, and clinical systems are accessible thrugh the campus
More informationThe user authentication process varies from client to client depending on internal resource capabilities, and client processes and procedures.
Learn Basic Single Sign-On Authenticatin Tale s Basic SSO applicatin grants Learn access t users withut requiring that they enter authenticatin lgin credentials (username and passwrd). The access pint
More informationSystems Support - Extended
1 General Overview This is a Service Level Agreement ( SLA ) between and the Enterprise Windws Services t dcument: The technlgy services the Enterprise Windws Services prvides t the custmer. The targets
More informationGUIDANCE FOR BUSINESS ASSOCIATES
GUIDANCE FOR BUSINESS ASSOCIATES This Guidance fr Business Assciates dcument is intended t verview UPMCs expectatins, as well as t prvide additinal resurces and infrmatin, t UPMC s HIPAA business assciates.
More informationPersonal Data Security Breach Management Policy
Persnal Data Security Breach Management Plicy 1.0 Purpse The Data Prtectin Acts 1988 and 2003 impse bligatins n data cntrllers in Western Care Assciatin t prcess persnal data entrusted t them in a manner
More informationPOLICY 1390 Information Technology Continuity of Business Planning Issued: June 4, 2009 Revised: June 12, 2014
State f Michigan POLICY 1390 Infrmatin Technlgy Cntinuity f Business Planning Issued: June 4, 2009 Revised: June 12, 2014 SUBJECT: APPLICATION: PURPOSE: CONTACT AGENCY: Plicy fr Infrmatin Technlgy (IT)
More informationRUTGERS POLICY. Responsible Executive: Vice President for Information Technology and Chief Information Officer
RUTGERS POLICY Sectin: 70.1.1 Sectin Title: Infrmatin Technlgy Plicy Name: Acceptable Use Plicy fr Infrmatin Technlgy Resurces Frmerly Bk: N/A Apprval Authrity: Senir Vice President fr Administratin Respnsible
More informationedoc Lite Recruitment Guidelines
edc Lite Recruitment Guidelines Intrductin OneStart & the Academic Psitin Search Channel edc Lite Ruting and Wrkgrups Ruting Actin List Ruting Cntrls Wrkgrups Dcument Search edc Lite Dcuments Vacancy Ntice
More informationWoodstock Multimedia, INC. Software/Hardware Usage Policy
Wdstck Multimedia, INC. Sftware/Hardware Usage Plicy POLICY PURPOSE The purpse f the Wdstck Multimedia, INC. Sftware / Hardware Usage Plicy is t ensure that Wdstck Multimedia, INC. emplyees are prperly
More informationImmaculate Conception School, Prince George Bring Your Own Device Policy for Students
Bring Yur Own Device Plicy fr Students Purpse This plicy utlines the acceptable use f electrnic devices t maintain a safe and secure educatin envirnment with the gal f preparing students fr the future,
More informationData Protection Policy & Procedure
Data Prtectin Plicy & Prcedure Page 1 Prcnnect Marketing Data Prtectin Plicy V1.2 Data prtectin plicy Cntext and verview Key details Plicy prepared by: Adam Haycck Apprved by bard / management n: 01/01/2015
More informationVersion: Modified By: Date: Approved By: Date: 1.0 Michael Hawkins October 29, 2013 Dan Bowden November 2013
Versin: Mdified By: Date: Apprved By: Date: 1.0 Michael Hawkins Octber 29, 2013 Dan Bwden Nvember 2013 Rule 4-004J Payment Card Industry (PCI) Patch Management (prpsed) 01.1 Purpse The purpse f the Patch
More informationDisplayNote Technologies Limited Data Protection Policy July 2014
DisplayNte Technlgies Limited Data Prtectin Plicy July 2014 1. Intrductin This dcument sets ut the bligatins f DisplayNte Technlgies Limited ( the Cmpany ) with regard t data prtectin and the rights f
More informationSPECIFICATION. Hospital Report Manager Connectivity Requirements. Electronic Medical Records DRAFT. OntarioMD Inc. Date: September 30, 2010
OntariMD Inc. Electrnic Medical Recrds SPECIFICATION Hspital Reprt Manager Cnnectivity Requirements DRAFT Date: September 30, 2010 Versin: 1.0 2007-2010 OntariMD Inc. All rights reserved HRM EMR Cnnectivity
More informationSupersedes: DPS Policy 10.09 - Internet and Use Of The DPSnet, July 14, 2000 Effective: February 15, 2005 Pages: 1 of 5
Plicy: 13.01 SUBJECT: INTERNET USAGE Supersedes: DPS Plicy 10.09 - Internet and Use Of The DPSnet, July 14, 2000 Effective: February 15, 2005 Pages: 1 f 5 1.0 POLICY PURPOSE Detrit Public Schls (DPS) Internet
More informationIMPLEMENTATION DETAILS
Plicy: Title: Status: 1. Intrductin ISP-I10 Payment Card Security Apprved Infrmatin Security Plicy Dcumentatin IMPLEMENTATION DETAILS 1.1. This dcument supprts implementatin f the "Payment Card Industry
More informationTo clarify terms used within these policies, the following definitions are provided:
Baker University Email Plicy E-mail services are prvided t the Baker cmmunity in supprt f the educatinal missin f the University and the administrative functins t carry ut that missin. Users f Baker e-mail
More informationTHIRD PARTY PROCUREMENT PROCEDURES
ADDENDUM #1 THIRD PARTY PROCUREMENT PROCEDURES NORTH CENTRAL TEXAS COUNCIL OF GOVERNMENTS TRANSPORTATION DEPARTMENT JUNE 2011 OVERVIEW These prcedures establish standards and guidelines fr the Nrth Central
More informationInformation Services Hosting Arrangements
Infrmatin Services Hsting Arrangements Purpse The purpse f this service is t prvide secure, supprted, and reasnably accessible cmputing envirnments fr departments at DePaul that are in need f server-based
More informationWire Transfer Request
Wire Transfer Request Requirements and Instructins OFFICE OF DISBURSEMENTS Categry: Dcument Name: Payment Prcessing Wire Transfer Request - Requirements and Instructins Respnsible Department: Office f
More informationUnified Infrastructure/Organization Computer System/Software Use Policy
Unified Infrastructure/Organizatin Cmputer System/Sftware Use Plicy 1. Statement f Respnsibility All emplyees are charged with the security and integrity f the cmputer system. Emplyees are asked t help
More informationVersion Date Comments / Changes 1.0 January 2015 Initial Policy Released
Page 1 f 6 Vice President, Infrmatics and Transfrmatin Supprt APPROVED (S) REVISED / REVIEWED SUMMARY Versin Date Cmments / Changes 1.0 Initial Plicy Released INTENT / PURPOSE The Infrmatin and Data Gvernance
More informationTexas Woman's University University Policy Manual
Texas Wman's University University Plicy Manual Plicy Name: Plicy Number: 6.06 Date Passed: July 2004 Health Insurance Prtability& Accuntability Act (HIPAA) Date Reviewed: September 2008 Next Review: September
More informationChange Management Process For [Project Name]
Management Prcess Fr [Prject Name] i 1 Intrductin The is fllwed during the Executin phase f the Prject Management Life Cycle, nce the prject has been frmally defined and planned. 1.1 What is a Management
More informationCloud Services MDM. Windows 8 User Guide
Clud Services MDM Windws 8 User Guide 10/24/2014 CONTENTS Overview... 2 Supprted Devices... 2 System Capabilities... 2 Enrllment and Activatin... 3 Prcess Overview... 3 Verify Prerequisites... 3 Dwnlad
More informationADMINISTRATION AND FINANCE POLICIES AND PROCEDURES TABLE OF CONTENTS
CONTROL Revisin Date: 1/21/03 TABLE OF CONTENTS 10.01 OVERVIEW OF ACCOUNTING FOR INVESTMENT IN PLANT... 2 10.01.1 CURRENT POLICY... 2 10.02 INVENTORY MAINTENANCE AND CONTROL... 3 10.02.1 PROCEDURES FOR
More informationNew York Institute of Technology Faculty and Staff Email Retention Policy
New Yrk Institute f Technlgy Faculty and Staff Email Retentin Plicy Nvember 2013 I. PURPOSE As electrnic mail (email) has becme the primary frm f cmmunicatin at NYIT and thrughut the wrld, the vlume f
More informationTrustED Briefing Series:
TrustED Briefing Series: Since 2001, TrustCC has prvided IT audits and security assessments t hundreds f financial institutins thrugh ut the United States. Our TrustED Briefing Series are white papers
More informationGETTING STARTED With the Control Panel Table of Contents
With the Cntrl Panel Table f Cntents Cntrl Panel Desktp... 2 Left Menu... 3 Infrmatin... 3 Plan Change... 3 Dmains... 3 Statistics... 4 Ttal Traffic... 4 Disk Quta... 4 Quick Access Desktp... 4 MAIN...
More informationAccess EEC s Web Applications... 2 View Messages from EEC... 3 Sign In as a Returning User... 3
EEC Single Sign In (SSI) Applicatin The EEC Single Sign In (SSI) Single Sign In (SSI) is the secure, nline applicatin that cntrls access t all f the Department f Early Educatin and Care (EEC) web applicatins.
More informationFAFSA / DREAM ACT COMPLETION PROGRAM AGREEMENT
FAFSA / DREAM ACT COMPLETION PROGRAM AGREEMENT If using US Pstal Service, please return t: Califrnia Student Aid Cmmissin Prgram Administratin & Services Divisin ATTN: Institutinal Supprt P.O. Bx 419028
More informationGrants Online. Quick Reference Guide Grant Recipients
Abut Grants Online: Grants Online perates in a web envirnment. Internet Explrer is the preferred brwser fr PC users, but Ggle Chrme als wrks well; FireFx is the preferred brwser fr MAC users. N sftware
More informationService Level Agreement Distributed Hosting and Distributed Database Hosting
Office f Infrmatin Technlgy Services Service Level Agreement Distributed Hsting and Distributed Database Hsting Nvember 12, 2013 Service Descriptin Distributed Hsting and Distributed Database Hsting Service
More informationInformation Technology Services Logical Access Procedure. Prepared by: Jefferson Wells. Desk Procedure - Logical Access Final Draft Last Modified:
Infrmatin Technlgy Services Lgical Access Prcedure Prepared by: Jeffersn Wells Desk Prcedure - Lgical Access Final Draft Last Mdified: Saint Luis University Lgical Access Prcedure Table f Cntents I. Intrductin.
More informationHillsborough Board of Education Acceptable Use Policy for Using the Hillsborough Township Public Schools Network
2361/Page 1 f 8 Hillsbrugh Bard f Educatin Acceptable Use Plicy fr Using the Hillsbrugh Twnship Public Schls Netwrk The Bard f Educatin recgnizes as new technlgies shift the manner in which infrmatin is
More informationEA-POL-015 Enterprise Architecture - Encryption Policy
Technlgy & Infrmatin Services EA-POL-015 Enterprise ure - Encryptin Plicy Authr: Craig Duglas Date: 17 March 2015 Dcument Security Level: PUBLIC Dcument Versin: 1.0 Dcument Ref: EA-POL-015 Dcument Link:
More informationABELMed Platform Setup Conventions
ABELMed Platfrm Setup Cnventins 1 Intrductin 1.1 Purpse f this dcument The purpse f this dcument is t prvide prspective ABELMed licensees and their hardware vendrs with the infrmatin that they will require
More informationIssuing of qualifications and statement of attainment Policy and Procedures Version: 3.0 Last Modified: 1 March 2015
Issuing f qualificatins and statement f attainment Plicy and Prcedures Versin: 3.0 Last Mdified: 1 March 2015 Purpse ANC issues AQF certificatin dcumentatin nly t a learner whm it has assessed as meeting
More informationInternet and E-Mail Policy User s Guide
Internet and E-Mail Plicy User s Guide Versin 2.2 supprting partnership in mental health Internet and E-Mail Plicy User s Guide Ver. 2.2-1/5 Intrductin Health and Scial Care requires a great deal f cmmunicatin
More informationSymantec User Authentication Service Level Agreement
Symantec User Authenticatin Service Level Agreement Overview and Scpe This Symantec User Authenticatin service level agreement ( SLA ) applies t Symantec User Authenticatin prducts/services, such as Managed
More informationHIPAA Compliance 101. Important Terms. Pittsburgh Computer Solutions 724-942-1337
HIPAA Cmpliance 101 Imprtant Terms Cvered Entities (CAs) The HIPAA Privacy Rule refers t three specific grups as cvered entities, including health plans, healthcare clearinghuses, and health care prviders
More informationHIPAA HITECH ACT Compliance, Review and Training Services
Cmpliance, Review and Training Services Risk Assessment and Risk Mitigatin: The first and mst imprtant step is t undertake a hlistic risk assessment that examines the risks and cntrls related t fur critical
More informationMerchant Processes and Procedures
Merchant Prcesses and Prcedures Table f Cntents EXHIBIT C 1. MERCHANT INTRODUCTION TO T-CHEK 3 1.1 Wh is T-Chek Systems? 3 1.2 Hw t Cntact T-Chek Systems 3 1.3 Hw t Recgnize T-Chek Frms f Payment 3 1.3.1
More informationSaaS Listing CA Cloud Service Management
SaaS Listing CA Clud Service Management 1. Intrductin This dcument prvides standards and features that apply t the CA Clud Service Management (CSM) SaaS ffering prvided t the Custmer and defines the parameters
More informationInformation & Communications Technology ICT Security Compliance Guide (Student)
Infrmatin & Cmmunicatins Technlgy ICT Security Cmpliance Guide (Student) RESTRICTED Dcument ID: ICT-SSG Versin 1.1 Effective Date 1 Nv 2011 Dcument Cntrl Revisin Histry Versin Date Descriptin Authr 1.0
More informationIssuing of qualifications and statement of attainment Policy and Procedures Version: 5.0 Last Modified: 12 February 2015
Issuing f qualificatins and statement f attainment Plicy and Prcedures Versin: 5.0 Last Mdified: 12 February 2015 Purpse Duke Cllege issues AQF certificatin dcumentatin nly t a learner whm it has assessed
More informationiphone Mobile Application Guide Version 2.2.2
iphne Mbile Applicatin Guide Versin 2.2.2 March 26, 2014 Fr the latest update, please visit ur website: www.frte.net/mbile Frte Payment Systems, Inc. 500 West Bethany, Suite 200 Allen, Texas 75013 (800)
More informationEnterprise IT Migration Overview & FAQ
Enterprise IT Migratin Overview & FAQ The fllwing cmmunicatin is targeted t AgriLife emplyees lcated in Extensin and Research centers thrughut the state. This cmmunicatin shuld be distributed t everyne
More informationGrants Online. Quick Reference Guide - Grantees
Abut Grants Online: Grants Online perates in a web envirnment. Internet Explrer is the preferred brwser fr PC users; FireFx is the preferred brwser fr MAC users. N sftware is required fr installatin. Lgins
More informationRSA SecurID Software Token Security Best Practices Guide. Version 3
RSA SecurID Sftware Tken Security Best Practices Guide Versin 3 Cntact Infrmatin G t the RSA crprate web site fr reginal Custmer Supprt telephne and fax numbers: www.rsa.cm. Trademarks RSA, the RSA Lg
More informationIMT Standards. Standard number A000014. GoA IMT Standards. Effective Date: 2010-09-30 Scheduled Review: 2011-03-30 Last Reviewed: Type: Technical
IMT Standards IMT Standards Oversight Cmmittee Gvernment f Alberta Effective Date: 2010-09-30 Scheduled Review: 2011-03-30 Last Reviewed: Type: Technical Standard number A000014 Electrnic Signature Metadata
More informationAccessible Service Policy
Accessible Service Plicy Date Created Revisin Oct. 16, 2012 1 Gal This plicy is intended t meet the requirements f the Accessibility Standards fr Custmer Service, Ontari Regulatin 429/07 under the Accessibility
More informationInternet Banking Agreement and Disclosure Statement
Internet Banking Agreement and Disclsure Statement This agreement cntains the terms and cnditins that gvern accessing r using Internet Banking (NetTeller), Bill Payment Services, Mbile Banking and On Demand
More informationElectronic and Information Resources Accessibility Compliance Plan
Electrnic and Infrmatin Resurces Accessibility Cmpliance Plan Intrductin The University f Nrth Texas at Dallas (UNTD) is cmmitted t prviding a wrk envirnment that affrds equal access and pprtunity t therwise
More informationCHANGE MANAGEMENT STANDARD
The electrnic versin is current, r when printed and stamped with the green cntrlled dcument stamp. All ther cpies are uncntrlled. DOCUMENT INFORMATION Descriptin Dcument Owner This standard utlines the
More informationTITLE: RECORDS AND INFORMATION MANAGEMENT POLICY
TITLE: RECORDS AND INFORMATION MANAGEMENT POLICY REFERENCE NUMBER: 14/103368 RESPONSIBLE DEPARTMENT: Crprate Services APPLICABLE LEGISLATION: State Recrds Act 1997 Lcal Gvernment Act 1999 Crpratins Act
More informationBLUE RIDGE COMMUNITY AND TECHNICAL COLLEGE BOARD OF GOVERNORS
BLUE RIDGE COMMUNITY AND TECHNICAL COLLEGE BOARD OF GOVERNORS SERIES: 1 General Rules RULE: 17.1 Recrd Retentin Scpe: The purpse f this rule is t establish the systematic review, retentin and destructin
More informationImproved Data Center Power Consumption and Streamlining Management in Windows Server 2008 R2 with SP1
Imprved Data Center Pwer Cnsumptin and Streamlining Management in Windws Server 2008 R2 with SP1 Disclaimer The infrmatin cntained in this dcument represents the current view f Micrsft Crpratin n the issues
More informationAmerican Recovery and Reinvestment Act Reporting Policy
American Recvery and Reinvestment Act Reprting Plicy Updated May 2010 1 I. Backgrund On February 17, 2009, President Barack Obama signed the American Recvery and Reinvestment Act f 2009 (ARRA) int law.
More informationES PROCEDURES FOR OVERPAYMENT RECOVERY
ES PROCEDURES FOR OVERPAYMENT RECOVERY Effective: 7/1/2012 Respnsible Office: Emplyee Services (ES) Apprved: ES Directr Applicatin: All Emplyees f the University f Clrad Plicy The University f Clrad will
More informationHow To Ensure That The Internet Is Safe For A Health Care Worker
POLICY Dc. Cde: IS I5 INTERNET - ACCEPTABLE USE Applicable t: MidCentral DHB Including MidCentral Health & Enable NZ Issued by: Infrmatin Systems Cntact: Manager Service Delivery 1. PURPOSE This plicy
More informationFORM ADV (Paper Version) UNIFORM APPLICATION FOR INVESTMENT ADVISER REGISTRATION AND REPORT FORM BY EXEMPT REPORTING ADVISERS
APPENDIX A FORM ADV (Paper Versin) UNIFORM APPLICATION FOR INVESTMENT ADVISER REGISTRATION AND REPORT FORM BY EXEMPT REPORTING ADVISERS Frm ADV: General Instructins Read these instructins carefully befre
More informationFAYETTEVILLE STATE UNIVERSITY
FAYETTEVILLE STATE UNIVERSITY IDENTITY THEFT PREVENTION (RED FLAGS RULE) Authrity: Categry: Issued by the Fayetteville State University Bard f Trustees. University-Wide Applies t: Administratrs Faculty
More informationRequest for Resume (RFR) CATS II Master Contract. All Master Contract Provisions Apply
Sectin 1 General Infrmatin RFR Number: (Reference BPO Number) Functinal Area (Enter One Only) F50B3400026 7 Infrmatin System Security Labr Categry A single supprt resurce may be engaged fr a perid nt t
More informationConfiguring BMC AREA LDAP Using AD domain credentials for the BMC Windows User Tool
Cnfiguring BMC AREA LDAP Using AD dmain credentials fr the BMC Windws User Tl Versin 1.0 Cnfiguring the BMC AREA LDAP Plugin fr Dmain Username and Passwrds Intrductin...3 LDAP Basics...4 What is LDAP and
More informationJuniper Networks Product End-of-Life
Juniper Netwrks Prduct End-f-Life Plicy & Prcedure ( EOL Plicy ) Frm time t time, Juniper Netwrks may find it necessary t discntinue prducts and services fr a number f reasns, including technlgy innvatins
More informationSKILLS CANADA - ONTARIO
Emplyment Plicy and Prcedure Manual Sectin: Cmmunicatin SPP N: 4.06 Subject: AODA Custmer Service Issued: January 31, 2016 Issue t: All Manual Hlders Replaces: NA Issued by: Re-Evaluatin Date: NA Executive
More informationTHE CITY UNIVERSITY OF NEW YORK IDENTITY THEFT PREVENTION PROGRAM
THE CITY UNIVERSITY OF NEW YORK IDENTITY THEFT PREVENTION PROGRAM 1. Prgram Adptin The City University f New Yrk (the "University") develped this Identity Theft Preventin Prgram (the "Prgram") pursuant
More informationROSS RepliWeb Operations Suite for SharePoint. SSL User Guide
ROSS RepliWeb Operatins Suite fr SharePint SSL User Guide Sftware Versin 2.5 March 18, 2010 RepliWeb, Inc., 6441 Lyns Rad, Ccnut Creek, FL 33073 Tel: (954) 946-2274, Fax: (954) 337-6424 E-mail: inf@repliweb.cm,
More informationIntroduction LIVE MAPS UNITY PORTAL / INSTALLATION GUIDE. 2015 Savision B.V. savision.com All rights reserved.
Rev 7.5.0 Intrductin 2 LIVE MAPS UNITY PORTAL / INSTALLATION GUIDE 2015 Savisin B.V. savisin.cm All rights reserved. This manual, as well as the sftware described in it, is furnished under license and
More informationVantiv eprotect iframe Technical Assessment Paper Prepared for:
Vantiv eprtect iframe Technical Assessment Paper Prepared fr: Octber 13, 2015 P a g e 2 Cntents EXECUTIVE SUMMARY...3 OVERVIEW... 3 ABOUT VANTIV EPROTECT... 4 OPERATIONAL FLOW... 5 TECHNICAL ASSESSMENT...6
More informationINTRODUCTION TO PORTAL GROUP STUDIO
Mntana State University Luminis Prtal Prject INTRODUCTION TO PORTAL GROUP STUDIO Grup Studi With the Grup Studi sftware, yu can request the creatin f nline grups fr clubs, affiliatins, r interests and
More informationPCI Compliance Merchant User Guide
PCI Cmpliance Merchant User Guide Table f Cntents Intrductin... 5 PCI Prgram Overview... 5 PCI10 2.0 Applicatin Tl Overview... 6 Lgin Prcess... 6 Update My Prfile... 7 Frgt Yur Passwrd... 8 Welcme Pages...
More informationAgency Fund (Non-Student Org X-Fund) Guidelines Last Revision: 12/7/2009
Agency Fund (Nn-Student Org X-Fund) Guidelines Last Revisin: 12/7/2009 Definitin f Agency Fund: An Agency Fund cnsists f funds held by Eastern Michigan University as custdian r fiscal agent fr thers, such
More informationLINCOLNSHIRE POLICE Policy Document
LINCOLNSHIRE POLICE Plicy Dcument 1. POLICY IDENTIFICATION PAGE POLICY TITLE: ICT CHANGE & RELEASE MANAGEMENT POLICY POLICY REFERENCE NO: PD 186 POLICY OWNERSHIP: ACPO Cmmissining Officer: Prtfli / Business-area
More informationIMPLEMENTATION DETAILS
Plicy: Title: Status: 1. Intrductin ISP-I10 Payment Card Security Apprved Infrmatin Security Plicy Dcumentatin IMPLEMENTATION DETAILS 1.1. This dcument supprts implementatin f the "Payment Card Industry
More informationMaaS360 Cloud Extender
MaaS360 Clud Extender Installatin Guide Cpyright 2012 Fiberlink Cmmunicatins Crpratin. All rights reserved. Infrmatin in this dcument is subject t change withut ntice. The sftware described in this dcument
More informationLicensing the Core Client Access License (CAL) Suite and Enterprise CAL Suite
Vlume Licensing brief Licensing the Cre Client Access License (CAL) Suite and Enterprise CAL Suite Table f Cntents This brief applies t all Micrsft Vlume Licensing prgrams. Summary... 1 What s New in This
More informationDatabase Services - Extended
1 General Overview This is a Service Level Agreement ( SLA ) between and Database Services t dcument: The technlgy services Database Services prvides t the custmer. The targets fr respnse times, service
More informationIn addition to assisting with the disaster planning process, it is hoped this document will also::
First Step f a Disaster Recver Analysis: Knwing What Yu Have and Hw t Get t it Ntes abut using this dcument: This free tl is ffered as a guide and starting pint. It is des nt cver all pssible business
More information.100 POLICY STATEMENT
Treasury Management Operatins Sectin: Treasury Management Number: 105.100 Title: Treasury Management Operatins POLICY Index.100 POLICY STATEMENT.110 POLICY RATIONALE.120 AUTHORITY.130 APPROVAL AND EFFECTIVE
More informationAUDIT AND RISK COMMITTEE TERMS OF REFERENCE
AUDIT AND RISK COMMITTEE TERMS OF REFERENCE 1. TITLE OF COMMITTEE Audit and Risk Cmmittee 2. ESTABLISHMENT The Audit and Risk Cmmittee is established under Part 3 Sectin 19(1) f the Charles Darwin University
More informationPrivacy Policy. The Central Equity Group understands how highly people value the protection of their privacy.
Privacy Plicy The Central Equity Grup understands hw highly peple value the prtectin f their privacy. Fr that reasn, the Central Equity Grup takes particular care in dealing with any persnal and sensitive
More informationRemote Working (Policy & Procedure)
Remte Wrking (Plicy & Prcedure) Publicatin Scheme Y/N Department f Origin Plicy Hlder Authrs Can be published n Frce Website Prfessinal Standards Department (PSD) Ch Supt Head f PSD IT Security Officer
More informationOnline Banking Agreement
Online Banking Agreement 1. General This Online Banking Agreement, which may be amended frm time t time by us (this "Agreement"), fr accessing yur Clrad Federal Savings Bank accunt(s) via the Internet
More informationLoss Share Data Specifications Change Management Plan
Lss Share Data Specificatins Change Management Plan Last Updated: 2/27/2013 Table f Cntents I. Purpse... 3 II. Change Management Apprach... 3 III. Categries f Revisins... 4 IV. Help and Supprt... 6 Lss
More informationSession 9 : Information Security and Risk
INFORMATION STRATEGY Sessin 9 : Infrmatin Security and Risk Tharaka Tennekn B.Sc (Hns) Cmputing, MBA (PIM - USJ) POST GRADUATE DIPLOMA IN BUSINESS AND FINANCE 2014 Infrmatin Management Framewrk 2 Infrmatin
More informationNAIC Replacement Requirements For Certain Life Insurance Policies And Annuity Contracts
NAIC Replacement Requirements Fr Certain Life Insurance Plicies And Annuity Cntracts Duties f Prducers If a transactin invlves a replacement, the prducer must leave with the applicant, at the time an applicatin
More informationState of North Carolina. Statewide Information Security Manual. Prepared by the Enterprise Security and Risk Management Office
State f Nrth Carlina Statewide Infrmatin Security Manual Prepared by the Enterprise Security and Risk Management Office Publicatin Date: January 2015 1 This page intentinally left blank 2 TABLE OF CONTENTS
More informationNYU Langone Medical Center NYU Hospitals Center NYU School of Medicine
Title: Identity Theft Prgram Effective Date: July 2009 NYU Langne Medical Center NYU Hspitals Center NYU Schl f Medicine POLICY It is the plicy f the NYU Langne Medical Center t educate and train staff
More informationColorado Rapids Youth Soccer Club Social Media and Electronic Communication Policies
Clrad Rapids Yuth Sccer Club Scial Media and Electrnic Cmmunicatin Plicies OVERVIEW Online, scial media and ther electrnic cmmunicatin tls such as text messaging have becme a prevalent and effective means
More information