Planning A Secure Environment; Password Protection - Oracle X5-2 Security Manual

Planning a Secure Environment

Security guidelines should be in place before the arrival of the system. After arrival, security
guidelines should be periodically reviewed and adjusted to stay current with the security
requirements of your organization.
Use the information in these sections before and during the installation and configuration of a
server and related equipment:
"Password Protection" on page 15
■
"Operating System Security Guidelines" on page 16
■
"Network Switches and Ports" on page 16
■
"VLAN Security" on page 17
■
"InfiniBand Security" on page 17
■
Contact your IT Security Officer for additional security requirements that pertain to your system
and specific environment.

Password Protection

Passwords are an important aspect of security since poorly chosen passwords could result in
unauthorized access to company resources. Implementing password management best practices
ensures that users adhere to a set of guidelines for creating and protecting their passwords.
Typical components of a password policy should define:
Password length and strength
■
Password duration
■
Common password practice
■
Enforce the following standard practices for creating strong, complex passwords:
Do not create a password that contains the user name, employee name, or family names.
■
Do not select passwords that are easy to guess.
■
Do not create passwords that contain a consecutive string of numbers such as 12345.
■
Planning a Secure Environment 15