Search
Financial Services Manual (FIN)
![[horizontal rule]](finhr.gif){kind=small}
| Effective: 7/3/1995 |
Revised: 3/1/2011 |
![[ASU logo]](asu.gif) |
FIN 114: Advantage Access Security |
Purpose
To provide guidelines for improving Advantage access security
Source
University policy
Background
User IDs identify the person authorized to use a particular system or application, and passwords are keys that unlock access to those applications and systems. Maintaining a secure computer environment relies on individual users safeguarding and keeping private their access information, including changing their passwords on a regular basis. If an individual obtains the password to a user’s account, the user may be open to loss of data or unauthorized use of the account.
Policy
CICS/RACF and Advantage Passwords
Using Advantage requires a minimum of three user IDs, each with a separate password. First, Cisco AnyConnect VPN client access is required to reach the servers on which Advantage resides. This is a service tied to users’ ASURITE IDs and the password is maintained in conjunction with ASURITE. Second, a CICS/RACF ID is required to login to the mainframe database environment. While this ID may be the same as ASURITE, the password is independent and must be changed every 90 days. The third ID is the Advantage ID itself, which consists of a unique username and password.
Guidelines for Maintaining Advantage Security
To assist in maintaining Advantage security, follow the guidelines below:
- Change CICS/RACF passwords after receiving a new user ID.
- Memorize the new password.
- Choose a CICS/RACF password that is a combination of letters and digits.
- Never share the password with others.
- Do not write the password on a paper or Post-it note and attach it to the computer or leave the written password on the desk, in a desk drawer, or on a calendar or desk pad.
- Log off Advantage before leaving the workstation.
- Change CICS/RACF passwords on a regular basis, e.g., every 90 days or sooner, especially when there is an attempt to access the account or if someone may have learned of the password.
- Complete the appropriate forms and forward them to Computer Accounts or the Advantage Helpline whenever an Advantage user in the unit is no longer employed or using Advantage, changes department or college, or changes other demographic data (such as change in name), or whenever there is a change of Advantage users. Detailed assistance is available from the Advantage Helpline at 480/965–2334.
Choosing and Safeguarding Passwords
Words that have some connection to the user (e.g., names, addresses, telephone numbers, and initials) are the easiest to break. This type of information is public knowledge and should not be used to formulate a password. Common words should also be avoided as attackers have methods of trying any actual, dictionary-based words. Creativity is important in choosing a password. Combining the first letters from the words of a line in a favorite song along with a random number or letter is one way to form a good password that is cryptic yet easy to remember. A good password is one that is easy for the user to remember but meaningless to a would-be attacker.
Once the user has chosen a password, it is important to protect it. Users should avoid writing down passwords at all but, if necessary, they should be kept in a secure location away from the workstation. Users should treat computer accounts and passwords as a valuable, high-theft item.
Changing Passwords
CICS/RACF passwords should be changed regularly. The longer a password is in use, the riskier it becomes to use. If there is any reason to believe that the user’s password has been compromised or if the user notices someone watching his or her fingers while logging on to the system, the password should be changed at once.
Composing a Password
CICS/RACF passwords must be between six and eight characters in length and made up of alphanumeric characters (A through Z and 0 through 9). Blank spaces and dashes are not accepted. Advantage passwords are four alphanumeric characters in length and follow the same rules for composition.
Getting Help
Users who have forgotten or have difficulty with their CICSP password should contact the UTO Helpdesk at 480/965–6500. Users who have forgotten their Advantage password or have difficulty logging on to Advantage should contact the Advantage Helpline at 480/965–2334 on weekdays between 8:00 a.m. and 5:00 p.m.
Cross-Reference
To establish or update an Advantage user ID, see FIN 204–02, “Additions/Changes/Deletions in Advantage User IDs.”
skip navigation bar