Use A Unique Account For Each Project; Minimum Required Permissions; Password Policies - Honeywell Pro-Watch 7000 Security Manual

Use a unique account for each project

It is a common (bad) practice that some system integrators often use the exact
same system/service credentials on every project they install. If one system is com-
promised, the attacker could potentially have credentials for the access to many
other projects installed by the same contractor.

Minimum Required Permissions

When creating a new user, think about what the user needs to do in PW7K, and
then assign the minimum permissions level required to do that job. For example, a
user who only needs to view current network setting does not need access to
change the network setting. Giving non-required permissions increases the possi-
bility of a security breach. The user might inadvertently (or purposefully) change
settings that they should not change. Worse, if the account is hacked, more per-
missions give the attacker more power.

Password policies

The most popular technique for breaking into a system is to guess user names and
passwords. Consequently, it is essential that passwords are difficult to guess and
that they are changed often.
•
•
•
•
PW7K Security Manual
The most popular technique for breaking into a system is to guess user names
and passwords. Consequently, it is essential that passwords are difficult to
guess and that they are changed often.
All the passwords must be strong.
Ensure password of minimum 8 alphanumeric characters.
Password must not contain username. In addition passwords must contain
three of the four categories characters shown below
• Uppercase alphabet characters (A-Z)
• Lowercase alphabet characters (a-z)
• Arabic numerals (0-9)
• Non-alphanumeric characters (!, $, #, or %)
@Honeywell Inc 5