Topics Map > UW-Madison > CIO > Identity and Access Management
Topics Map > UW-Madison > Cybersecurity > Access Control
Topics Map > UW-Madison > Cybersecurity > Configuration and Maintenance

UW-Madison - CIO - Password Policy

Applies to UW-Madison faculty, staff and students who who use or access UW-Madison information resources, or connect devices or systems to a UW-Madision network by any means.

Describes the required practices for passwords used on devices and systems connected to the UW-Madision network, and devices or systems used by faculty, staff and students who use or access UW-Madison information resources.

The Password Standard is the implementation of this policy.

 
  • Of interest to:
    • Alumni
    • Applicants
    • Faculty
    • IT Security Staff
    • IT Staff
    • Staff
    • Students
  • Subjects:
    • Cloud Services
    • Cybersecurity
    • Identity Management
    • Mobile Devices
    • Network and Telecomm
    • Personally-owned Dev.
  • Cybersecurity:
    • Access Control
    • Config and Maintenance
  • Data Handling Activities:   
    • Access
 

Policy

Devices and systems connected to the University of Wisconsin-Madison network must require passwords meeting the minimum standards set by the Office of the Chief Information Officer and, if possible, technically enforce them. Faculty, staff and students must adhere to the minimum passwords standards for all systems and applications that come into contact with University resources.

Systems That Cannot Comply with Minimum Standards

If the minimum standards cannot be met, the system must be protected by other means, such as, but not limited to, a dedicated firewall, limited network access or multi-factor authentication.

Background

The University of Wisconsin-Madison ’s network and information systems provide the technical foundation for conduct of its academic, research and administrative missions. Providing this open access to information technology is imperative to ensuring academic freedom at the institution. An important part of providing this network access is ensuring that the network and associated information is secure.

The purpose of this policy is to provide guidance to faculty, staff, students and other authorized users regarding passwords in order to protect individual and University information and resources. Adherence to this policy will help ensure that the university network and information systems are secure and available to all.

Authority

Issued by the UW-Madison Vice Provost for Information Technology.

Enforcement

The University reserves the right to:

  • suspend access to preserve the confidentiality, integrity and availability of the network, systems or information;
  • periodically audit passwords for compliance; and
  • pursue disciplinary action because of non-compliance.

Contact

Please address questions or comments to policy@cio.wisc.edu.

References

 



Keywords:policies guidelines policy recommendations requirements guideline recommendation requirement requirements, administrators alumni applicants faculty it-security-staff it-staff managers students supervisors administration information-technology security, cloud-services identity-management mobile-devices personally-owned-devices security cloud cybersecurity devices identity mobile personal personally, access, access-control configuration-and-maintenance access configuration maintenance   Doc ID:58601
Owner:GARY D.Group:IT Policy
Created:2015-11-30 20:12 CDTUpdated:2016-12-06 21:59 CDT
Sites:IT Policy
CleanURL:https://kb.wisc.edu/itpolicy/cio-password-policy
Feedback:  0   2