FIN 114: Advantage Access Security

To provide guidelines for improving Advantage access security

University policy

User IDs identify the person authorized to use a particular system or application, and passwords are keys that unlock access to those applications and systems. Maintaining a secure computer environment relies on individual users safeguarding and keeping private their access information, including changing their passwords on a regular basis. If an individual obtains the password to a user’s account, the user may be open to loss of data or unauthorized use of the account.

To assist in maintaining Advantage security, follow the guidelines below:

1. Change passwords after receiving a new user ID.
2. Memorize the new password.
3. Choose a password that is a combination of letters and digits.
4. Never share the password with others.
5. Do not write the password on a paper or Post-it note and attach it to the computer or leave the written password on the desk, in a desk drawer, or on a calendar or desk pad.
6. Log off Advantage before leaving the workstation.
7. Change passwords on a regular basis, e.g., every 90 days or sooner, especially when there is an attempt to access the account or if someone may have learned of the password.
8. Complete the appropriate forms and forward them to Computer Accounts or the Advantage Helpline whenever an Advantage user in the unit is no longer employed or using Advantage, changes department or college, or changes other demographic data (such as change in name), or whenever there is a change of Advantage users. Detailed assistance is available from the Advantage Helpline at 480/965–2334.

Passwords that have some connection to the user (e.g., names, addresses, telephone numbers, and initials) are the easiest to break. This type of information is public knowledge and should not be used to formulate a password. Common words should not be used for passwords since hackers have programs that automatically search through dictionaries trying each entry as a password. A good password is impossible to break, easy to remember, and long enough so that trying random combinations of letters will not uncover it.

Creativity is important in choosing a password. Combining the first letters from the words of a line in a favorite song along with a random number or letter is just one way to form a good password that is cryptic but easy to remember. Once the user has chosen a password, it is important to protect it. Do not write the password on paper or Post-it note kept near the workstation. Users should treat computer accounts and passwords as valuable commodities.

Passwords should be changed regularly. The longer a password is in use, the riskier it becomes to use. If there is any reason to believe that the user’s password is no longer secret or if the user notices someone watching his or her fingers while logging on to the system, the password should be changed at once.

Using Advantage requires a minimum of two user IDs, each with a separate password. CICSP is used to access the mainframe database environment in which Advantage operates. SecuRemote/Secure Client VPN (Virtual Private Network) software is required for access to the ASU administrative systems. CICSP passwords must be changed every 90 days. Advantage passwords should be changed on a similarly scheduled basis.

CICSP passwords must be between six and eight characters in length and made up of alphanumeric characters (A through Z and 0 through 9). Blank spaces and dashes are not accepted. Advantage passwords are four alphanumeric characters in length and follow the same rules for composition.

Users who have forgotten or have difficulty with their CICSP password should contact Computer Accounts at 480/965–1211. Users who have forgotten their Advantage password or have difficulty logging on to Advantage should contact the Advantage Helpline at 480/965–2334 on weekdays between 8:00 a.m. and 5:00 p.m.

To establish or update an Advantage user ID, see FIN 204–02, “Additions/Changes/Deletions in Advantage User IDs.”

  skip navigation bar