Scribd
Upload
230 views

Admin Password Management Process

This document outlines NIIT Technologies Ltd's Admin Password Management Process. It describes controls for admin password security, confidentiality, and administration. The process owner is the HSSA ITSM and IT operations manager. Passwords must be at least 8 characters and changed every 90 days. Operational routines specify changing passwords for Active Directory, Notes, antivirus, and Altiris according to a schedule. Responsibilities and a password storage template are also included.

Uploaded by

Stephanie Wilcox
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOC, PDF, TXT or read online on Scribd
230 views

Admin Password Management Process

This document outlines NIIT Technologies Ltd's Admin Password Management Process. It describes controls for admin password security, confidentiality, and administration. The process owner is the HSSA ITSM and IT operations manager. Passwords must be at least 8 characters and changed every 90 days. Operational routines specify changing passwords for Active Directory, Notes, antivirus, and Altiris according to a schedule. Responsibilities and a password storage template are also included.

Uploaded by

Stephanie Wilcox
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOC, PDF, TXT or read online on Scribd
You are on page 1/ 6

NIIT Technologies Ltd

Admin Password Management Process

QMS-P002 Holcim Services (South Asia Ltd!


28 Dec 10

Admin Password Management Process

Version 1.0

Page 1 of 6

NIIT Technologies Ltd

"ocument #ontrol
1. Document Information
"ocument Name #lassi$ication Author %&ner %nline 'e$erence Status (ile Name ) Path #reated on 'elease on *alid (rom 'e-validation "ate Printed on Revision *ersion
Draft Admin Password Management Policy Internal use only Sandeep Deshpande !" I! #perations Manager

Draft $$10.%&'.0.1''$(SSA)Support$ !" Infrastructure$Pri*ate$+uality$ Password Management Policy.doc %,th Decem-er 10

'evision "ate
%,th Dec 10

'evision "escri+tion
Initial Version

Author Sandeep

Sign-o$$

Approval 'ole Distribution List 'ole


(SSA (ead I! infrastructure

Name

Signature

"ate

Name Govindamani Vinod Kumar, Saina ! "#er, $a%an Pac!c!i&ar $a%es! Luna'a A(( Si es )or !+,as +Sou ! .es / Gu%ra 0or ACL/ *!ane+C!urc!&a e A(( Si es
Version 1.0

Signature

"ate

OpCos SPOC ACC ACL ACCCL HSSA OpCos Loca ion Head )*L $e&iona( Coordina ors O !er )*L S a00

Admin Password Management Process

Page % of 6

NIIT Technologies Ltd

INDE Admin Pass'ord 1ana&emen Process///////////////////////////////////////////////////////////////////1 1/Documen "n0orma ion//////////////////////////////////////////////////////////////////////////////////////////2 2/Overvie'///////////////////////////////////////////////////////////////////////////////////////////////////////////////2 3/ Scope////////////////////////////////////////////////////////////////////////////////////////////////////////////////////2 2/O'ner////////////////////////////////////////////////////////////////////////////////////////////////////////////////////2 4/$evie' o0 Procedure/////////////////////////////////////////////////////////////////////////////////////////////2 5/Admin Pass'ord Process con ro(s////////////////////////////////////////////////////////////////////////2 5/1/Admin Pass'ord Securi # and Accoun Veri0ica ion////////////////////////////////////2 5/2/Addi iona( Con ro(s////////////////////////////////////////////////////////////////////////////////////////2 5/3/Con0iden ia(i #///////////////////////////////////////////////////////////////////////////////////////////////4 5/2/Admin Pass'ord Adminis ra ion///////////////////////////////////////////////////////////////////4 6/Process//////////////////////////////////////////////////////////////////////////////////////////////////////////////////4 6/1/ Procedure &uide(ine 0or imp(emen in& Pass'ord po(ic#//////////////////////////////////4 6/2/Opera iona( $ou ine///////////////////////////////////////////////////////////////////////////////////////////4 8/$esponsi7(e///////////////////////////////////////////////////////////////////////////////////////////////////////////4 8/G(ossar# o0 A77revia ions////////////////////////////////////////////////////////////////////////////////////5 10/*emp(a e 0or pass'ord s ora&e///////////////////////////////////////////////////////////////////////////5

Admin Password Management Process

Version 1.0

Page & of 6

NIIT Technologies Ltd

!. "verview
!he purpose of Admin Password Management Policy is to ensure administrator passwords are properly used to *erify.authenticate the identity of a user/ the first line of defence for access into I! Infrastructure. Also to ensure that -uilt in administrator ID is used only for administration purpose -y administrator. !he password is also a*aila-le with (SSA management which can -e used in case of emergency.

#. $cope
!his policy is applica-le to (SSA head office where administrator ID is maintained and used -y administrators for Acti*e directory/ "otus otes/ Anti0 *irus/ Altiris software.

%. "wner
(SSA I!SM and !" operations manager will -e responsi-le for ma1ing changes to the process.

&. Review of Procedure


!his procedure will -e re*iewed for its issuance/ maintenance and distri-ution. 2early re*iew of this procedure is essential to ensure that the procedure remain rele*ant.

'. Admin Password Process controls


6.1. Admin Password Security and Account Verification
3hec1ing new passwords4 password should not accept passwords found in dictionary and is not a name or simple common word. Plausi-ility !est for password4 Passwords should -e constructed using a mi5ture of different characters. !his ma1es the guessing of passwords *ery difficult. All admin 6ser account passwords shall consist of a minimum length of , characters. Days to password change password is Ma5imum is 1,0 days.

6.2. Additional Controls


Delay after Incorrect "ogin Attempts 7 In case user pro*ides wrong passwords for & times it pro*ides delay in the login. "ogin details 7 It records following for login records 8ecords failed login attempts 8ecord successful login attempts Interpretation of 3trl 9 Alt 9 Del is Ignore Pri*ileged 6ser login IDs and password will -e with domain !eam "eads

Admin Password Management Process

Version 1.0

Page : of 6

NIIT Technologies Ltd


6.3. Confidentiality
Passwords will not -e scri--led anywhere other than the Password ;n*elope. Sharing of password is strictly prohi-ited.

6.4. Admin Password Administration


3hange Management needs to -e followed for changing the passwords for administrator users -y filling up 3hange re<uest =orm. #ne printed copy of passwords should -e 1ept with (SSA SM > #P head.

(. Process
(.1. Procedure guideline for implementing Password polic)
All administrators and their wor1forces shall follow password policy/ 1eep all passwords secure/ and 1eep passwords confidential.

Parameters Password (istory Ma5imum Password Age Password Must meet comple5ity 8e<uirements Min Password length (.!. "perational Routine Activit)
Admin ID maintenance

*alue ' 1,0 Days ;na-led , chars

Schedule
1,0 days. 3ycle4 ?an0?uly

Tas,
3hange of admin password for AD/" /AV/Altiris

'es+onsi-ilit.
I! #perations !eam

%utcome
3hanged list of admin ID is handed o*er to (ead SM > #P

All admin ID passwords should -e changed according to operational 8outine and whene*er the change re<uest is raised. !he printed copy to -e handed o*er to SM > #P head (SSA in sealed en*elope.

*. Responsible
=ollowing persons from this process. Area Acti*e Directory "otus notes Anti0*irus Altiris !" will -e responsi-le for implementing and maintaining Responsible System !eam Mem-er System !eam Mem-er System !eam Mem-er System !eam Mem-er

Admin Password Management Process

Version 1.0

Page ' of 6

NIIT Technologies Ltd

+. ,lossar) of Abbreviations
Sr/ 1/ 2/ 3/ 2/ 4/ 5/ 6/ 8/ 8/ A77revia ion "* AV HSSA ACC ACCCL ACL )*L OpCo "*S1 Descrip ion "n0orma ion *ec!no(o&# An i Virus Ho(cim Services 9Sou ! Asia: L d/ ACC Limi ed ACC Concre e Limi ed Am7u%a Cemen s Limi ed )""* *ec!no(o&ies L d/ Opera in& Compan# "n0orma ion *ec!no(o&# Service 1ana&emen

1-. .emplate for password storage


=ollowing template should -e used while handing o*er password to (SSA SM > #P head. !he en*elope should -e sealed while gi*ing this document.

Admin password information.doc

Admin Password Management Process

Version 1.0

Page 6 of 6

You might also like