IT Security










The Information Technology  Network 

IT Trends - Jobs - Training - Contracts - Books


Access Security

    Main point under Access security is ‘password management’. Every individual may have more than three or four passwords- machine boot level, OS level, application level, email level etc

    Instruct your users to have at least 8 characters with at least one special character, and a mix of upper and lower case alpha numeric characters. Try to avoid the initials , your name , spouse names, date births and the department number or your badge numbers.

    Try to change the Passwords at a regular interval, say at least one in four months. And have a system in place where the system gets locked for a day, After a maximum of five incorrect login attempts, accounts will be locked for a specified period of time, or until administrator resets.

   Password administration rules shall be systematically enforced.  Any exception shall be documented in the agency’s security program.

   Remote Access is already discussed. Ensure that the remote user is properly identified using login password as well as the telephone that is used for RAS. This is valid for Virtual Private Networks too. Maintain and review a log of remote connections.

    Identify the machines where a specific application only has to be run. Fix the IP address of the machine and limit the access of the application to only those machines authorized to use.