FIN 114: Advantage Access Security
To provide guidelines for improving Advantage access security.
User IDs identify the person authorized to use a particular system or application, and passwords are keys that unlock access to those applications and systems. Maintaining a secure computer environment relies on individual users safeguarding and keeping private their access information, including changing their passwords on a regular basis. If an individual obtains the password to a user’s account, the user may be open to loss of data or unauthorized use of the account.
Using Advantage requires a minimum of three user IDs, each with a separate password. First, Cisco AnyConnect VPN client access is required to reach the servers on which Advantage resides. This is a service tied to users’ ASURITE IDs and the password is maintained in conjunction with ASURITE. Second, a CICS/RACF ID is required to log in to the mainframe database environment. While this ID may be the same as ASURITE, the password is independent and must be changed every 90 days. The third ID is the Advantage ID itself, which consists of a unique username and password.
To assist in maintaining Advantage security, follow the guidelines below:
Words that have some connection to the user (e.g., names, addresses, telephone numbers, and initials) are the easiest to break. This type of information is public knowledge and should not be used to formulate a password. Common words should also be avoided, as attackers have methods of trying actual dictionary words. Creativity is important in choosing a password. Combining the first letters from the words of a line in a favorite song along with a random number or letter is one way to form a good password that is cryptic yet easy to remember. A good password is one that is easy for the user to remember but meaningless to a would-be attacker.
Once the user has chosen a password, it is important to protect it. Users should avoid writing down passwords at all but, if it is necessary to write them down, the written passwords should be kept in a secure location away from the workstation. Users should treat computer accounts and passwords as valuable, high-theft items.
CICS/RACF passwords should be changed regularly. The longer a password is in use, the riskier it becomes to use. If there is any reason to believe that the user’s password has been compromised or if the user notices someone watching his or her fingers while logging on to the system, the password should be changed at once.
CICS/RACF passwords must be between six and eight characters in length and made up of alphanumeric characters (A through Z and 0 through 9). Blank spaces and dashes are not accepted. Advantage passwords are four alphanumeric characters in length and follow the same rules for composition.
Users who have forgotten or have difficulty with their CICSP password should contact the UTO Helpdesk at 480/965–6500. Users who have forgotten their Advantage password or have difficulty logging on to Advantage should contact the Advantage Helpline at 480/965–2334 on weekdays between 8:00 a.m. and 5:00 p.m.
To establish or update an Advantage user ID, see FIN 204–02, “Additions/Changes/Deletions in Advantage User IDs.”