This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
policies:security:access [2018/01/05 13:16] – [20. User management] deul | policies:security:access [2018/01/12 10:42] (current) – [26. User security policy] deul | ||
---|---|---|---|
Line 4: | Line 4: | ||
New users are either students or institute members. Their enrolment in the courses or their appointment as member of the institute is regulated elsewhere. Once this has taken place, personal information of these persons are entered into the Person database by the institute secretariat. Once this is done system management can use a WEB forms system to generate an account. | New users are either students or institute members. Their enrolment in the courses or their appointment as member of the institute is regulated elsewhere. Once this has taken place, personal information of these persons are entered into the Person database by the institute secretariat. Once this is done system management can use a WEB forms system to generate an account. | ||
- | Detail of [[: | + | Detail of [[:strw: |
====21. External user access computerroom==== | ====21. External user access computerroom==== | ||
+ | No one is allowed to access the computer server room without a IT Department person accompanying. | ||
====22. Standard passwords==== | ====22. Standard passwords==== | ||
+ | During installation of any device that has a network access controlled by username/ | ||
====23. Network security==== | ====23. Network security==== | ||
+ | Network access is granted only by MACaddress of the device cabled to the network. Unknown MACaddresses are excluded access to the wired network. Wireless network access is granted on the basis of a guest facility or through authentication using local account information of ULCN account information. | ||
+ | |||
+ | For details on wireless see [[: | ||
====24. Password requirements==== | ====24. Password requirements==== | ||
+ | Passwords are not freely formatted, there are [[: | ||
====25. Secure login==== | ====25. Secure login==== | ||
+ | Access to the institute resources through a login procedure is always done in a [[policies: | ||
====26. User security policy==== | ====26. User security policy==== | ||
+ | Users have been [[: | ||
+ | |||
+ | All Linux and Windows systems have an automatic ' | ||
====27. Network usage policy==== | ====27. Network usage policy==== | ||
+ | Wired network access is granted on the basis of membership of an associated institute as described in the account policy. Once connected to the wired network, access to system assets is controlled by user authorization and authentication. Authorization is governed by the status of the membership. Students and postdocs have supervisors granting the access restrictions. Postdoc usually acquire their on devices, while staff member are granted general access. | ||
====28. BYOD==== | ====28. BYOD==== | ||
+ | External machines, not acquired through university funding or not maintained by system admin, can only obtain access to the wireless network to which [[: | ||
====29. Remote access critical applications==== | ====29. Remote access critical applications==== | ||
+ | Only system managers require remote access to critical applications. Critical applications are not accessible from selected devices inside the IT Department infrastructure. System managers both need to authenticate | ||
====30. Mobile equipment and concern data==== | ====30. Mobile equipment and concern data==== | ||
+ | There are no mobile devices storing concern information. |