HostedDB - Dedicated UNIX Servers

fips191_41 FIPS PUB 191 GP6. Users must be authenticated to the LAN before accessing LAN resources. GP7. USERIDs must be suspended after a consecutive period of non-use. GP8. Use of LAN hardware such as traffic monitors/recorders and routers must be authorized and monitored by the LAN Management Division. GP9. The Computer Security Act of 1987 (P.L. 100-235) states that "Each agency shall provide for  the  mandatory  periodic  training  in  computer  security  awareness  and  accepted  computer practices  of  all  employees  who  are  involved  with  the  management,  use,  or  operation  of  each Federal computer system within or under the supervision of that agency". • Employees responsible for the management, operations and use of the XYZ LAN must receive training in computer security awareness and acceptable computer practices. • Computer security training should be implemented into existing training programs such as   orientation   programs   for   new   employees,   and   training   courses   involved   with information technology systems equipment and software packages. GP10. Security reports must be generated and reviewed on a daily basis. SPECIFIC RESPONSIBILITIES FOR ENSURING XYZ LAN SECURITY 1. Users Users are expected to be knowledgeable about and adhere to XYZ Agency security policies, and other applicable laws, policies, mandates and procedures.   Users are ultimately responsible for their own behavior.   Specifically users are responsible for the following: U1. Responsible for understanding and respecting relevant Federal laws, Department policies and procedures, XYZ policies and procedures, and other applicable security policies and associated practices for the XYZ LAN. U2. Responsible for employing available security mechanisms for protecting the confidentiality and integrity of their own information when required. U2.1. Follow site procedures for security of sensitive data as well as for the XYZ LAN itself.   Use file protection mechanisms to maintain appropriate file access control. U2.2. Select  and  maintain  good  passwords.  Use  FIPS  112,  Password 43