Welcome to this, the seventh edition of The ISO17799 newsletter, designed to keep you abreast of updates and developments with respect to the ISO 17799 information security standard.
The information contained in this newsletter is free to our subscribers and provides guidance on practical issues, plus commentary on recent Information Security incidents.
Included in this issue are the following topics:
SIX OF THE BEST: PASSWORD GUIDELINES
Trivial? Yes... but you would be surprised at how often simple rules like these are fudged or ignored:
1) Never give your password to anyone, even if that person claims to have authorization. (In the latter case, report such requests to your Information Security Officer immediately.)
2) When receiving technical assistance, do not divulge your password to the IT specialist, but stay with your computer and enter the password yourself when required. (If this is not possible, your Systems Administrator should have permission to log on on your behalf.)
3) Change your password regularly.
4) Never store it in a computer file.
5) Never write down your password.
6) If you believe your password may have been compromised, change it immediately.