Friday, June 24, 2016

User account policy

A user account policy is a document which outlines the requirements for requesting and maintaining an account on computer systems or networks, typically within an organization. It is very important for large sites where users typically have accounts on many systems. Some sites have users read and sign an account policy as part of the account request process.

Policy content

  • Should state who has the authority to approve account requests.
  • Should state who is allowed to use the resources (e.g., employees or students only)
  • Should state any citizenship/resident requirements.
  • Should state if users are allowed to share accounts or if users are allowed to have multiple accounts on a single host.
  • Should state the users’ rights and responsibilities.
  • Should state when the account should be disabled and archived.
  • Should state how long the account can remain inactive before it is disabled.
  • Should state password construction and aging rules.