Question: Assume that you are drafting the User Identification and Authentication section of an IT Security Policy for an organization. Recognizing that: - people do not

Assume that you are drafting the User Identification and Authentication section of an IT Security Policy for an organization. Recognizing that:

- people do not always follow published laws,

- the generally accepted security principal is that passwords should never be written down, and

- research suggests that:

* more than one out of every three enterprise users keep a written record of their passwords and

* 64% of end users report that they have written down their password at least once

Should the policy prohibit passwords from being written down or permit passwords being written down in one of the secured formats referenced in the "Is It Okay to Write Down My Passwords? How To Do It Right " article (https://tiptopsecurity.com/is-it-okay-to-write-down-my-passwords-how-to-do-it-right/ )?

Note, please do not make any references to Password Managers.

Step by Step Solution

There are 3 Steps involved in it

1 Expert Approved Answer
Step: 1 Unlock blur-text-image
Question Has Been Solved by an Expert!

Get step-by-step solutions from verified subject matter experts

Step: 2 Unlock
Step: 3 Unlock

Students Have Also Explored These Related Databases Questions!

Q:

Assume that you are drafting the User Identification and Authentication section of an IT Security Policy for an organization. Recognizing that: - people do not always follow published laws, - the...

Q:

I have to create a program in C and I can't figure it out. The program has to read a source file. Please help. /******************************************************************** PROJECT: Glossary...

Q:

Please scan the SEC Plain English that I've attached. Please visit to this link.http://www.sec.gov/Archives/edgar/data/320193/000119312513416534/d590790d10k.htm#toc590790_9 Please read pages 25...

Q:

1) Read the "Cybersecurity: the three-headed Janus" case posted under Module 2. Provide a summary of the vulnerabilities of Randcom's current information systems. Make sure to address each...

Q:

I need a 10 page paper for my MIS class. Please do not copy and paste as my school is getting stricter on plagiarism. I have attached the assignment and the sample \fData Analytic Thinking 1 Data...

Q:

Why is risk management important to an exhibition management company? To an exhibitor? title Author ISBN Publisher Publication Date Professional Meeting Management Professional Convention Management...

Q:

Chapter 6 Defusing Negligence Liability Earlier in this book we discussed the concept of legal fault (blame) and legal obligation (liability). This chapter is devoted to the concept of managing the...

Q:

Part I : There are many external users of the financial accounting information about a company. Investors, creditors, authorities, vendors, employees, and customers may all be impacted by the...

Q:

Hi, can you help me with this question? I attached the file and other people's assignment. I hope these two can help you finish my assignment. Read the article ?Who Regulates Whom and How?? in the...

Q:

I would like assistance with assignment 3 and 4 on the attached document I have been struggling with the subject and its my last AUI4863/102/0/2016 Tutorial letter 102/0/2016 ADVANCED INTERNAL AUDIT...

Q:

List and describe the three major steps in applying materiality to an audit.

Q:

Discuss ADT in Python. How to define ADT? Write code for a student information.

Q:

Should u.s. antidumping laws be stated in terms of full production costs or marginal costs?

Q:

Compared with half a century ago, adoption has become _ _ _ _ _ _ _ _ _ common, but it is more open and acceptabl e , so we probably discuss it _ _ _ _ _ _ _ . fill in the blanks more or much less or...

Q:

Explain the purpose of the Project Charter and its relationship to Management Approval for a Project.

Q:

What is Change Control and how does it operate?

Q:

How do Data Requirements relate to Functional Requirements?