Employees must access a variety of Licensee’s Information Assets including computers, networks, hardware devices, and third party service provider accounts. Employees who have access to Licensee Information Asset resources are to maintain strong passwords and protect their Information Asset access credentials from unauthorized use. The Information Technology department configures network server domains to meet specific password complexity requirements. These include prohibiting passwords from containing the user account name, temporary passwords forcing the user to change the password during their first login, enforcing password history controls that prohibit the use of the 12 previously used passwords, requiring users to change their passwords every 90 days, and a minimum password length of 8 characters. …show more content…
The Information Security Manager reports in their capacity to the CEO. Company officers, executives, directors, employees, contractors and third party service providers cooperate and work with the Information Security Manager to ensure the protection of customer’s non-public information and Licensee’s Information Assets. Policies, such as Enterprise Antivirus Program, Network Access, Software Development Security Standards, Physical Security, Vendor Manangmenet Ativirus, Mobile Computing/Remote Access, Inromation Security Risk Assessment, Social Media, Data Loss Prevention, and Secuiryt Incident Response Policies have been implemented to protect customer’s non-public personal information and company Information