Networking

Password Security Update

Because of the increase in security awareness everywhere it has been determined that Valencia faculty, staff and students will now be required to change their network password every 180 days. There is a certain complexity to the password that you pick to make sure it is a secure password and not easily guessed by others. Here is what will be required:

• All passwords are required to meet the “strong password” definition.
• Passwords must be at least eight characters in length.
• Passwords must consist of a combination of three (3) of the following four (4) categories: Upper case letters, Lower case letters, Numerals and special characters.
• Passwords cannot contain a dictionary word.
• Passwords cannot contain all or part of your user id.
• Passwords cannot match any of your four previous passwords.

This will only be required every 180 days (6 months). You will start to get warnings prompting you to change your password 14 days before it is due and each day until it does expire. If you do not change the password before it expires then you will be forced to change it before logging in. Should you need assistance please contact the Helpdesk for assistance at x5555 or by email oithelp@valenciacollege.edu

*********************************************************************************

Password Procedure

PROCEDURE  STATEMENT

This procedure establishes a standard for creation of strong passwords and protection of those passwords within the Microsoft Active Directory/Exchange email system. This procedure applies to all persons who have, or are responsible for, an account on any system accessed on the Valencia College network or computer systems.

DEFINITIONS                                                  

Expiration: Date at which password for access to College systems is required to be changed meeting strong password standards.

PROCEDURES and RESPONSIBILITIES

Users are responsible for assisting in the protection of the network and computer systems they use. The integrity and secrecy of an individual's password is a key element of that responsibility. Each individual has the responsibility for creating and securing an acceptable password per this procedure. Failure to conform to these restrictions may lead to the suspension of rights to College systems or other action as provided by College Policy, State or Federal law.

Password Creation Rules:

Passwords are initially assigned when a new account is created. Upon initial logon users have the right and the ability to change passwords on their Active Directory/Exchange accounts at any time. Users will be prompted to change their password the first time.

• All passwords are required to meet the “strong password” definition.

• Passwords must be at least eight characters in length.
• Passwords must consist of a combination of three (3) of the following four (4) categories: Upper case letters, Lower case letters, Numerals and special characters.
• Passwords cannot contain a dictionary word.
• Passwords cannot contain all or part of your user id.
• Passwords cannot match any of your four previous passwords.

Password Expiration:

Passwords will expire on a 180-day cycle (6 months). Advance warnings of upcoming password expiration will be sent to the designated account holder via campus e-mail beginning 30 days prior to expiration, with repeated reminders several times thereafter until the expiration date.

Any account holder may change his or her password at any time through their Active Directory Account or https://adpass.valenciacollege.edu (an online password reset utility). It is not necessary to wait for expiration.

Passwords should be changed immediately and the Office of Information Technology notified whenever there is a belief that the password has been compromised.

Desktop/Laptop  Password Security

All Desktops and Laptops must have a password enabled screensaver  and timeout set to no more than 5 minutes.

NOTE: Password changes will also affect Smartphone’s and PDA’s that check Outlook emails. User will need to change this manually.

Version: sec-100603.07

******************************************************************************

Password Change is coming..

Activities at Valencia increasingly involve electronic systems, including online courses, grades, financial aid, many Valencia business systems, faculty and staff benefits, IRS reporting, and more. As custodians for IT security at Valencia, OIT strives to pursue every prudent step to maintain the security and integrity of your own and Valencia’s electronic systems.

One critical layer of IT security is your personal password. This is not only a key to the security of your own account but to the security of the Valencia community because most system-wide attacks begin with the compromise of an individual account. Like running virus protection, periodic password changes are basic security hygiene.

It can be disruptive to change passwords on a forced schedule, so, in the past; Valencia has not recommended a regular change and relied on individuals to do so voluntarily. A recent review of security risks highlighted the importance of password protection, and a review of password change statistics showed that few users were changing their passwords regularly. While our Valencia passwords are protected in multiple layers, strong and regularly changed passwords are a critical component of our security.

Benefits of required password change:

• Providing a regular reminder to individuals to manage their own identity and security: managing their password. While Valencia policies preclude sharing of passwords, there is evidence some individuals do so; a password change requirement provides a routine opportunity to reinforce that passwords are private --not for sharing.
• Improving the “strength of passwords” to make them harder to guess or otherwise compromise. OIT will continue to make changes that ensure that users select “strong” passwords, further reducing the risk of password compromise.
• Providing a periodic “reset” against existing or potential password compromises such as having shared a password in the past.
• Providing an annual audit allowing OIT to disable inactive UserIDs which otherwise could expose the Valencia community to account compromise.

OIT recognizes that it requires effort to choose and learn a new, stronger (and harder to remember) password. Some may be tempted to diminish the security of their new password by writing it down instead of memorizing it – please don’t do that!

When considering an issue like this Valencia must weigh the inconvenience against the benefits. Valencia’s overriding concern is with the security of personal information and University systems. IT security risks continue to increase so the value of this procedure will rise correspondingly over time.

Change is a coming

 Password Change Procedure

Because of the increase in security awareness everywhere it has been determined that Valencia Facility, Staff and Students will now be required to change their network password ever 180 days.  There is a certain complexity to the password that you pick to make sure it is a secure password and not easily guessed by others. Here is what will be required:

• All passwords are required to meet the “strong password” definition.
• Passwords must be at least eight characters in length.
• Passwords must consist of a combination of upper case letters, lower case letters and numerals.
• Passwords cannot contain a dictionary word.
• Passwords cannot contain all or part of your user id.
• Passwords cannot match any of your four previous passwords.

This will only be required ever 180 days (6 months) and you will start to get password change warnings 14 days prior and each day until it does expire. If you do not change the password before it expires then you will need to contact the helpdesk for assistance at x5555.

********************************************************************************

Unified Messaging voicemails are now in your Outlook inbox !!

Microsoft Unified Messaging is a subcomponent of Microsoft Outlook Email and provides several new features and enhancements, such as the ability to receive and listen to voicemails directly from your Outlook email inbox.

Here is how this upgrade will impact you:

Any of your current saved voicemail(s) will no longer be available after the new system is operational.
Please make sure you have retrieved any information from your voicemails prior to 09/08/09.

Once converted, you will need to re-record your personal voicemail greeting.
A system generated generic message will be available until you have recorded your new personal greeting and instructions will be provided to you on how to record a new greeting.

There will be new numeric keypad options to access your voicemail.
Click this Valencia Answers link: http://answers.valenciacollege.edu/ics/support/default.asp?deptID=5572&task=knowledge&questionID=1315 to get a head start on learning the new commands.