Page 7 - Password administration review-Guilford ES
P. 7
Emergency Services: Password Administration Review
HIGHLIGHTS
We documented and observed the following highlights and best practices established by
Emergency Services:
• Password Complexity - By requiring password complexity, Emergency Services
Technical Support has established a global policy that requires users to have at least a
combination of characters such as special characters, numbers, upper-case and lower-case
letters. In addition, Emergency Services maintains a 12-password history that does not
allow reuse of passwords.
• Training and Communication - Orientation training is conducted on an as-needed basis.
Information Services and Emergency Services Technical Support presents new
employees training on how to set their password including do’s and don’ts around
password security and other phishing avoidance. Information Services also provides
monthly newsletters, communication to key associates and security materials and
announcements through Guilford County’s SharePoint application.
• Active Directory Report – Emergency Services Technical Support has implemented a
dashboard that displays data including: enterprise administrators, domain administrators,
users with upcoming password expiration, users who have not logged in within 30 days,
Group Policy Objects (GPOs), all groups, all users and computers.
6