Keeping Passwords / PIN Numbers Confidential

This topic is concerned with the responsibilities of staff with regard to all forms of access passwords - including PIN numbers.

To view the related Policy click      

  • Information may be disclosed without authorisation, because passwords have been compromised or not kept confidential.

  • Ensure that the confidentiality of a password is respected and never revealed to anyone.

    N.B. This includes all technical staff. If access is required, the System Administrator may receive authorisation and legitimately access anyone's account. However, such action should be captured on the system logs for subsequent auditing.
  • Ensure that the choice of password and the subsequent use is tightly controlled. See Passwords - Choosing and Passwords - Use and Best Practice.
  • Be wary of requests from someone who asks for your password claiming to have received authorisation. Refer all such requests to your Security Officer.
Previous PageTop of this pageNext Page

Information Security Policies from US$595

 From
 US$595

For further information about the RUsecure interactive security policies, visit Information Security Policy World
Use of the guidance contained within RUSecure™ is subject to the End User Licence Agreement
Sponsor: ISO 17799 Directory
This site created with EasyHTMLHelp(tm) for MS Word

 

Next PageUpPrevious Page