Password protection ensures that only those users who establish a proof of their authorization will be granted access to data and programs.
A poorly chosen password may result in the compromise of the Company’s entire network. As such, all Company’s employees (including contractors and vendors with access to Company systems) are responsible for taking the appropriate steps, as outlined below, to select and secure their passwords. This procedure describes the security rules that cover activities that must be followed on different internal network areas or systems that require user credential to access the respective network elements or systems.
The purpose of the Password Procedure is to establish a standard for creation of strong passwords, the protection of those passwords, and the frequency of change.
1.1 PROCEDURE OWNER
1.3 APPLICABLE REGULATIONS
1.4 RELATED [COMPANY] NORMS AND PROCEDURES
1.6 AUDIENCE AND SCOPE
1.7 DOCUMENT SUPPORT
2. DEFINITIONS & ABBREVIATIONS
3.2 PASSWORD PROTECTION
3.3 CONTROLS OVER THE USE OF PASSWORDS
3.4 DEFAULT PASSWORDS
3.5 ELECTRONIC STORAGE OF PASSWORDS
3.6 STORAGE OF DATABASE USERNAMES AND PASSWORDS
3.7 RETRIEVAL OF DATABASE USER NAMES AND PASSWORDS
3.8 ACCESS TO DATABASE USER NAMES AND PASSWORDS
3.9 PASSWORD RESET PROCEDURE
3.10 INITIAL PASSWORD DELIVERY PROCESS
4. ROLES AND RESPONSIBILITIES
6. FINAL CONSIDERATIONS
6.1 DISCIPLINARY ACTIONS AGAINST PROCEDURE VIOLATION
6.2 DOCUMENT REVISION
Company has adopted the Identification and Management of Conflicts of Interests Policy (the “policy”) to address actions or transactions at the Company that may give rise to actual or potential conflicts of interest (“Conflicts”) and to set forth the processes by which the Company will identify and manage Conflicts going forward.
The objective of the Network Security Policy is to ensure the security of data transfers across Company’s networks and that an adequate level of security exists to protect the network infrastructure.