Office of Origin: Information Technologies
Date Adopted: 08-25-09
Date Reviewed: 07-01-14
Last Date Modified & Approved: 07-01-14
Lake Michigan College (the College) will establish standards for the management of passwords in an effort to prevent unauthorized user access to institutional data and Information Technology (IT) resources. The College recognizes that password controls are a critical component for managing computer security.
As such, all College employees, including contractors, with access to College informational assets and systems are responsible for taking appropriate measures to safeguard access to those IT assets and systems. Further, such College employees and contractors are responsible for taking appropriate measures in managing their passwords to safeguard information in a proactive manner to prevent authorized access.
- All employee or contractor users with access to A) financial applications within Banner, B) student records applications within Banner, and/or C) IT administrative services must use passwords that are at least eight (8) characters long, that contain at least one (1) number, and that contain at least one (1) upper and one (1) lower case character.
- All other employee or contractor users must use passwords that are at least eight (8) characters long and that contain at least one number.
- All users are required to change their password every 360 days.
- Passwords may not be included in email messages or other forms of electronic communication.
- Passwords may not be shared with other individuals or posted where easily accessible or in a public accessible format.
The scope of this policy includes all personnel and contractors who have any form of access to systems that resides at any College facility, that are attached to any College network, or to a cloud based system that hosts College data.
Responsibility: Chief Information Officer
References: Acceptable Use Policy