Objective

The purpose of the Password Policy is to establish parameters for secure authentication when accessing University Information Resources. Access to University Information Resources by an unauthorized party may cause loss of information, a breach of confidentiality and/or integrity, and may compromise availability.

Applicability

The Password Policy applies to students, faculty or staff members, whether full-time or part- time, paid or unpaid, temporary or permanent, as well as all agents and representatives of the University, including any third party service provider providing services to the University who create, use or otherwise access or interact with any University Information or University Information Resource (“University Users”).

Definitions

University Information: any information in any form whether electronic, hardcopy, audial, or otherwise which is created, collected, stored, accessed or used in connection with the operation and/or management of the University, or which is created, collected, stored, accessed or used by a party authorized by the University.


University Information Resource: any tool, device, equipment, or system used to create, collect, record, process, store, retrieve, display and transmit University Information, including but not limited to email, mainframes, servers, computers, laptops, personal digital assistants (PDA), telecommunication resources, fax machines, printers, file cabinets, software and embedded technology.

Policy

 

If a University User suspects or has reason to know that the security of a password may be compromised, the password must be changed immediately. Under such circumstances, University Users should immediately report the discovery to the Suffolk University ITS Help Desk (617) 557-2000.

Users should contact the ITS Helpdesk to change a password. When a user seeks a password change, ITS must undertake the following procedures:
 

Violation of Policy

The University reserves the right to monitor network traffic, perform random audits, and to take other steps to insure the integrity of its information and compliance with this Policy. Violations of this Policy may lead to appropriate disciplinary action, which may include temporary or permanent restrictions on access to certain information or networks. Willful or repeated violations of this Policy may result in dismissal from the University.

 

Revision History

 

 

Version

Date

Responsible University Office

Approved By

1.0

09/14/10

Provost Office

Provost Barry Brown

1.1

02/12/13

Senior VP of Finance and Administration and Treasurer Office

Senior VP Danielle Manning