Re: NOC password management



Firstly, common to all solutions is ensuring:

Ability to audit the process - that is knowing who accessed the
password(s) and when.

Password Management Policy - how long passwords are valid for,
complexity requirements, reset procedures, what happens when an
Administrator leaves.

Access control - processes to grant and restrict access to password storage.

I've not seen a software-based solution in place. However, in such a
solution I would be looking closely at ensuring that the password data
is encrypted at rest and the machine is physically secured when not
needed (in a safe), as loss of the password database would be
problematic to say the least!

I've seen paper-based solutions where all passwords are stored in a
safe, each in tamper-evident envelopes and written down. Access is
controlled physically to the machines that are administrated and to
the safe. Auditing is made more difficult unless access can be logged
from the safe.



On 3/15/07, List Subscriptions <lists.canuck.eh@xxxxxxxxx> wrote:
As the security administrator I constantly get complaints from the
network admins about how hard it is to remember all the passwords.
What are the best practices for enterprise password management? What
products are available? They came to me with Mandylion labs password
management token (http://mandylionlabs.com/). Has anyone used this
product or have any insight into the best solution?

Thanks in advance



