User account policy

User account policy

User Account Policy is a document which outlines the requirements for requesting and maintaining an account on computer systems or networks, typically within an organization. It is very important for large sites where users typically have accounts on many systems. Some sites have users read and sign an Account Policy as part of the account request process.

Policy Content

* Should state who has the authority to approve account requests.
* Should state who is allowed to use the resources (e.g., employees or students only)
* Should state any citizenship/resident requirements.
* Should state if users are allowed to share accounts or if users are allowed to have multiple accounts on a single host.
* Should state the users’ rights and responsibilities.
* Should state when the account should be disabled and archived.
* Should state how long the account can remain inactive before it is disabled.
* Should state password construction and aging rules.

Example

Some example wording:“Employees shall only request/receive accounts on systems they have a true business need to access. Employees may only have one official account per system and the account ID and login name must follow the established standards. Employees must read and sign the acceptable use policy prior to requesting an account.”

ee also

*Network security policy
*Computer security policy
*Internet security
*Computer security
*Network security
*Industrial espionage
*Information security

External links

* [http://csrc.nist.gov/ National Institute for Standards and Technology]


Wikimedia Foundation. 2010.

Игры ⚽ Поможем решить контрольную работу

Look at other dictionaries:

  • account policy —    On networks and multiuser operating systems, the set of rules that defines whether a new user is permitted access to the system and whether an existing user is granted additional rights or expanded access to other system resources. Account… …   Dictionary of networking

  • Account stacking — is a broadcast industry term, which refers to the deployment of subscription Direct To Home (DTH) satellite receiving equipment at multiple geographical locations under a single customer account. It is often referred to as 2nd address service,… …   Wikipedia

  • Security policy — is a definition of what it means to be secure for a system, organization or other entity. For an organization, it addresses the constraints on behavior of its members as well as constraints imposed on adversaries by mechanisms such as doors,… …   Wikipedia

  • Information protection policy — is a document which provides guidelines to users on the processing, storage and transmission of sensitive information. Main goal is to ensure information is appropriately protected from modification or disclosure. It may be appropriate to have… …   Wikipedia

  • Remote access policy — is a document which outlines and defines acceptable methods of remotely connecting to the internal network. It is essential in large organization where networks are geographically dispersed and extend into insecure network locations such as… …   Wikipedia

  • Roaming user profile — C:Documents and Settings{username}   Application Data   …   Wikipedia

  • Group Policy — Local Security Policy editor in Windows 7 Group Policy is a feature of the Microsoft Windows NT family of operating systems. Group Policy is a set of rules that control the working environment of user accounts and computer accounts. Group Policy… …   Wikipedia

  • Acceptable use policy — An acceptable use policy (AUP; also sometimes acceptable usage policy) is a set of rules applied by network and website owners which restrict the ways in which the network or site may be used. AUP documents are written for corporations,… …   Wikipedia

  • Password policy — A password policy is a set of rules designed to enhance computer security by encouraging users to employ strong passwords and use them properly. A password policy is often part of an organization s official regulations and may be taught as part… …   Wikipedia

  • Sender Policy Framework — TOC In computing, Sender Policy Framework (SPF) allows software to identify messages that are or are not authorized to use the domain name in the SMTP HELO and MAIL FROM (Return Path) commands, based on information published in a sender policy of …   Wikipedia

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”