There are free password vaults out there - I can't think of any reason why you wouldn't use them. Excel is not the place for passwords. Ever! And no, not even if you PGP it (remnants remain that can easily be recovered). If you're really stuck with shared accounts for awkward systems, then as a further control, you could even look into the free version of Splunk to alert and report on use of these accounts so that it can be audited against appropriate change control or operating procedures. a
________________________________ From: Phillip Partipilo [mailto:[email protected]] Sent: 27 August 2010 17:36 To: NT System Admin Issues Subject: RE: Password sharing policy Err, I meant group. Not OU. Blech. Is it 5 yet? Heh. I'm kinda glad its Friday but also not looking forward to how this meeting at the HOA is going to go. Theyre ditching Comcast for ATT Uverse, which AFAIK will make my hdtivo totally useless. Can't wait to grill them on that during this meeting/intervention/whatever. It's a pisser. AT&T is probably so desperate to stay relevant, with so many people ditching their landlines, they probably offered the HOA an offer they couldn't refuse. Phillip Partipilo Parametric Solutions Inc. Jupiter, Florida (561) 747-6107 From: Phillip Partipilo [mailto:[email protected]] Sent: Friday, August 27, 2010 12:31 PM To: NT System Admin Issues Subject: RE: Password sharing policy There are a few passwords that need to be shared amongst office management staff here, such as, for example, passwords to log into UPS/Fedex/USPS to print shipping labels, logins to Newegg and Staples for office supplies, general things of that matter... And that is kept in a simple Excel spreadsheet that is only accessible to members of an office management OU. Phillip Partipilo Parametric Solutions Inc. Jupiter, Florida (561) 747-6107 From: Bob Fronk [mailto:[email protected]] Sent: Friday, August 27, 2010 8:43 AM To: NT System Admin Issues Subject: OT: Password sharing policy Good morning list.... I am interested in seeing any written "password sharing" policies you have in place. It seems ours is written in Latin, since no one seems to understand it. I am going to draft a new policy, but would like to see how others handle this and get opinions from the list on how "big of a deal" sharing passwords is in other businesses. (Personally, I think it is a BIG deal) Thanks, BF ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- You are currently subscribed to ntsysadmin as: [email protected]. To unsubscribe click here: http://lyris.sunbelt-software.com/u?id=7824819.4dddab35ac7f16e5f831fc656 2594fa5&n=T&l=ntsysadmin&o=9076826 (It may be necessary to cut and paste the above URL if the line is broken) or send a blank email to leave-9076826-7824819.4dddab35ac7f16e5f831fc6562594...@lyris.sunbelt-sof tware.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- You are currently subscribed to ntsysadmin as: [email protected]. To unsubscribe click here: http://lyris.sunbelt-software.com/u?id=8246264.f46a442773212a3207ca5ccf4 c61796c&n=T&l=ntsysadmin&o=9076831 (It may be necessary to cut and paste the above URL if the line is broken) or send a blank email to leave-9076831-8246264.f46a442773212a3207ca5ccf4c617...@lyris.sunbelt-sof tware.com ************************************************************************************ WARNING: The information in this email and any attachments is confidential and may be legally privileged. If you are not the named addressee, you must not use, copy or disclose this email (including any attachments) or the information in it save to the named addressee nor take any action in reliance on it. If you receive this email or any attachments in error, please notify the sender immediately and then delete the same and any copies. "CLS Services Ltd × Registered in England No 4132704 × Registered Office: Exchange Tower × One Harbour Exchange Square × London E14 9GE" ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
