PW7K Security Manual @Honeywell Inc 5
Use a unique account for each project
It is a common (bad) practice for system integrators to use the exact same
system/service credentials on every project they install. If one system is
compromised, the attacker could potentially have credentials for access to many
other projects installed by the same contractor.
Minimum Required Permissions
When creating a new user, think about what the user needs to do in PW7K, and
then assign the minimum permission level required to do that job. For example, a
user who only needs to view the current network settings does not need access to
change the network settings. Granting permissions that are not required increases
the possibility of a security breach. The user might inadvertently (or purposefully)
change settings that they should not change. Worse, if the account is hacked, more
permissions give the attacker more power.
Password policies
The most popular technique for breaking into a system is to guess user names and
passwords. Consequently, it is essential that passwords are difficult to guess and
that they are changed often.
• All passwords must be strong.
• Ensure passwords have a minimum of 8 alphanumeric characters.
• Passwords must not contain the username. In addition, passwords must contain
characters from three of the four categories shown below:
  • Uppercase alphabet characters (A-Z)
  • Lowercase alphabet characters (a-z)
  • Arabic numerals (0-9)
  • Non-alphanumeric characters (!, $, #, or %)
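
One way to check a candidate password against the rules listed above, as an added example that is not part of the manual or of PW7K itself. It assumes the 8-character minimum is a length check, that the username comparison is case-insensitive, and that any ASCII punctuation counts as non-alphanumeric; the function names and sample accounts are constructed for illustration.

```python
import string

MIN_LENGTH = 8
REQUIRED_CATEGORIES = 3  # "three of the four categories"

# The four character categories listed in the policy.
CATEGORIES = {
    "uppercase": lambda c: c in string.ascii_uppercase,
    "lowercase": lambda c: c in string.ascii_lowercase,
    "digit": lambda c: c in string.digits,
    # Assumption: any ASCII punctuation counts, not only ! $ # %.
    "non-alphanumeric": lambda c: c in string.punctuation,
}


def categories_present(password):
    """Return the sorted names of the categories found in password."""
    return sorted(name for name, test in CATEGORIES.items()
                  if any(test(c) for c in password))


def check_password(username, password):
    """Return a list of policy violations; an empty list means compliant."""
    violations = []
    if len(password) < MIN_LENGTH:
        violations.append("shorter than 8 characters")
    # Assumption: case-insensitive match, so "Operator2024" fails for "operator".
    if username and username.lower() in password.lower():
        violations.append("contains the username")
    found = categories_present(password)
    if len(found) < REQUIRED_CATEGORIES:
        violations.append("only %d of 4 character categories (%s)"
                          % (len(found), ", ".join(found) or "none"))
    return violations


# Constructed sample accounts, not real credentials.
SAMPLES = [
    ("operator", "Operator2024"),
    ("installer", "abcdefgh"),
    ("viewer", "Xy7#"),
    ("admin", "t4Lk-Quiet-rIver"),
]

if __name__ == "__main__":
    for user, pw in SAMPLES:
        problems = check_password(user, pw)
        print(user, "OK" if not problems else "; ".join(problems))
```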