Why do I need to protect my user accounts ?

From: Marlon Brown (marlon_brown@hotmail.com)
Date: 02/13/03 

From: "Marlon Brown" <marlon_brown@hotmail.com>
Date: Thu, 13 Feb 2003 07:19:09 -0800

I need to come up with reasons why I would need to enforce password
complexity and other security policies in our company. I work for a public
institution and all e-mail, salary info, etc are supposed to be available to
the public upon request anyway.

This is what I understand:
- It is clear to me that I need to protect network team data, because if
someone out there steals a .xls file or read one of our network admin
e-mails, they could potentially get enough info to format many OS partitions
of our servers. Yes, I know it is wrong sending admin passwords through
e-mail, but it has been hard to implement that here

- How about regular users ? Why should I be so worried to protect someone
e-mail password in our organization if that e-mail is supposed to be
available to the public (upon request) anyway ?
I can imagine that if a hacker cracks a password from a director in my
organization, maybe the hacker could send out an e-mail to ALL_EMPLOYEES DL
and of course it would be a bad thing for our reputation.
Other than that, can you tell me reasons I have to implement strong
passwords for users ? Please note this is a public organization.

-

Relevant Pages

  • Unable to change passwords - Windows 2003 Domain
    ... For some reasons, we are running into issues changing passwords in our ... out of the OU to the regular users OU does nothing. ... using the CTRL ALT DEL. ...
    (microsoft.public.windowsxp.security_admin)
  • SharePoint 2007 - Page permission problem
    ... What might be the reasons why all regular users are able to access all ... section but that doesn't fix the access problem. ...
    (microsoft.public.sharepoint.portalserver.development)