Passwords
Passwords are an important aspect of information security because they are the first line of defense in protecting Cal Performances / Student Musical Activities (CPSMA) and customer information. A poorly chosen password may result in the compromise of confidential information that could adversely affect both the Bank and its customers. All individuals in and associated with CPSMA are responsible for taking the appropriate steps to select and secure their passwords. Please use a longer passphrase that does not use words or names in the dictionary and includes uppercase letters, lower case letters, numbers, and special characters.
For example: W0rking@C^LP3rformancesR0cks!!
Refrain from using the same password for CPSMA accounts as for other non-CPSMA accounts (i.e. personal E-mail account, etc). When possible, refrain from using the same pasword for multiple CPSMA applications. For example, use a different password for computer login, CalNet, Tresona, etc. All passwords must be treated as highly sensitive information.
The following is a list of things that individuals should NOT do with respect to passwords:
- Don't reveal or share your password with anyone—not even individuals who claim to be calling from the IT department, employees, or your manager
- Don't e-mail your password to anyone
- Don't talk about your password in front of anyone
- Don't hint at the format of a password (e.g. "my family name")
- Don't share your password with family members
- Don't reveal your password to co-workers while on vacation
- Don't leave your password anywhere on or near your workstation (e.g. post-it notes, under mouse pads, keyboards, etc.)
- Don't create passwords for group use or shared passwords
Securing your Workstation
In order to keep sensitive information secure and your computer working effectively:
- Secure your terminals whenever you leave your work area ("Secure" means to logoff, or to lock the screen with a password. Holding the Windows Key+L does this on most Windows workstations.)
- Individuals are prohibited from installing software without first obtaining the approval of management and the IT Director. After approval is given the installation must be done by IT department staff.
Securing your Email and Internet Browsing
These simple steps can help keep your email and browsing safe:
- Never give out any personal information in email. No institution, bank or otherwise, will ever ask you for this information via email. It may not always be easy to tell whether an email or website is legitimate, but there are many tools to help find out.
- Many computers become infected from visiting infected websites or downloading "free" software from untrusted websites. Risky behavior includes:
- Clicking on links from email or instant messaging (IM)
- Visiting unknown or untrusted sites
- Clicking on or in "pop-up" windows
- Downloading files except from well-known trusted sources.
Securing Sensitive Data
These data types should never be stored on a personal computer without encryption and approval of your supervisor and the IT Director, and should never be copied to home computers, removable media, or mobile device:
- Social security numbers
- Driver's license or California identification numbers
- Financial account numbers
- Credit or debit card numbers
- Medical information
- Health insurance information