YALE-MSS-9: Authentication and Authorization
Standards
- YALE-MSS-9.1: Ensure all account types are uniquely authenticated
- YALE-MSS-9.2: Do not share account credentials (username/password)
- YALE-MSS-9.3: Utilize secure passwords for authentication
- YALE-MSS-9.4: Grant privileges to IT Systems and data according to the principle of least privilege
- YALE-MSS-9.5: Deprovision accounts and access when roles & responsibilities change
- YALE-MSS-9.6: Require Multifactor Authentication (MFA) for access to authenticated systems
- YALE-MSS-9.7: Use University approved authentication methods
- YALE-MSS-9.8: Secure and/or limit storage of authentication information
- YALE-MSS-9.9: Allow only encrypted network protocols for authentication
- YALE-MSS-9.10: Prevent brute force attacks
- YALE-MSS-9.11: Use administrative and service accounts for their IT function only
- YALE-MSS-9.12: Ensure authentication events are associated with an individual and not just an administrative or service account