This section describes the procedures involved in maintaining the Security Templates. Security Templates are used to define the password level of compliance with the Sarbanes-Oxley Act, which is a United States federal law. This Act now applies to European companies listed on US Stock Exchanges and the subsidiaries of US Corporations. The Act came into force in 2002 and introduced major changes to the regulation of financial practice and corporate governance. It does not have specific requirements about access management, but states that the access controls must be adequate to enforce the financial controls required by the Act. Experts and auditors recommend that to meet the minimum for compliance, passwords should:

  • A minimum of six, preferably eight, characters in length.

  • A combination of uppercase and lowercase letters, mixed with numbers and symbols (e.g. !, @, #, $).

  • Passwords should be changed every 45 to 90 days. They should be different every time. They should not be changed by incrementing a number at the end or by adding a new character.

  • Must not contain personal information, such as the names of spouses or family members (including pets), or any information that an attacker could easily derive from a user.

In PROIV Aurora, the System Administrator (via the Security Templates screen) can enforce levels of compliance with Sarbanes-Oxley by:

  • Restricting the use of historic passwords

  • Enforcing a minimum number of numerics in the password

  • Restricting repeating characters

  • Restricting dictionary words

  • Restricting consecutive alphas

  • Restricting consecutive digits

  • Restricting repeating keyboard characters  

  • Restricting characters such as vowels.

You can create, amend, view and delete Security Templates on this screen:

  1. Click New Task Selection Icon icon. The Menu screen appears.

  2. Select the Security option.

  3. Select the Maintain Security Templates option.

  4. The Maintain Security Templates screen appears.

  5. Click New to create a new Security Template. To amend a Security Template, select the template and the details are displayed on the right hand side. Amend as necessary and click the Save to store the changes.

  6. Select the appropriate settings for the Security Template, using the following table as a guide.

Field Descriptions

Fields

Description

Template ID

Enter a unique ID for the template and enter a name for the template in the adjacent field.

Illegal Access Attempts Allowed

Number of illegal password attempts that are allowed before the user is locked out of the system.

Password Settings

 

Expiry Days

Enter the number of days before the password expires.

Warning Days

Enter the number of days to warn of the password expiry.

Minimum Length

Sets the acceptable minimum length of the password.

Maximum Length

Sets the acceptable maximum length of the password.

Reuse Cycle

Sets the number of previous passwords that cannot be reused.

Number of Mandatory Digits

Number of digits that must be present in a password.

Restrict Repeating Characters

Click the check box to restrict the use of repeating characters in the password.

Use Dictionary

Click the check box to set up a dictionary file to prevent the use of common words in passwords. Click Dictionary to display the Dictionary File Maintenance window. You can add or amend entries if required.

Restrict Consecutive Alphas

Click the check box to restrict use of consecutive alphas. Click Consec Alpha to display the Consecutive Alphas window, which displays a list of sequence numbers and consecutive characters. You can add or amend entries if required.

Restrict Consecutive Digits

Click the check box to restrict use of consecutive digits.  Click the Consec Digits to display the Consecutive Digits window, which displays a list of sequence numbers and consecutive numerics. You can add or amend entries if required.

Restrict Repeating Keyboard Chars

Click the check box to restrict use of consecutive keyboard characters. Click Consec Keybd to display the Consecutive Keyboard window, which displays a list of sequence numbers and consecutive characters which appear on a keyboard. You can add or amend entries if required.

Restrict Characters

Click the check box to restrict use of particular characters.  Click the Restricted to display the Restricted Characters window, which displays a list of sequence numbers and restricted characters which appear on a keyboard. You can add or amend entries if required.

Buttons

The on the toolbar are disabled or enabled depending on whether a change has occurred. For example if you amend a Security Template, the Save and Cancel s are then enabled.

Exit

Click the Exit to close the screen.

Save

Click the Save to save the Security Template.

Cancel

Click the Cancel to cancel any changes to the Security Template.

New

Click the New to create a new Security Template.

Delete

Click the Delete to delete the selected Security Template.

  1. Click Save to save the details, or click the Cancel to cancel any changes.

  2. Click Exit to exit the Maintain Security Templates screen.

Comment on this topic

Topic ID: 810114

Table of Contents

Index

Glossary

-Search-

Back