New passwords will be provided, and existing passwords will be released, only when the identity of the requester can be clearly established.
The University of Kansas Medical Center provides access to network, electronic mail and voice mail resources to its students, faculty, and staff, in support of the University's mission of teaching, research, and public service. Passwords are assigned for access to each of these resources to authenticate a user's identity, to protect network users, and to provide security.
Password protection is one of the most important principles of network, e-mail and voice mail security. The purpose of this policy is to outline the procedures used by authorized staff to change or reveal an existing password to users who have compromised or forgotten their authorized password to the University’s network, e-mail or voice mail resources. The resources covered by this policy include, but are not limited to, the University’s network (via campus or remote access), e-mail and voice mail systems.
Although the University strives to manage a secure computing and networking environment, the University cannot guarantee the confidentiality or security of network, e-mail or voice mail passwords from unauthorized disclosure.
PASSWORD- Authorized individual password assigned by the University of Kansas Medical Center’s Information Resources Department for access to its network, e-mail and voice mail resources.
UNIVERSITY- The term 'the University' means the University of Kansas Medical Center.
USER- Anyone who holds a valid account on the University’s network, e-mail and/or voice mail systems.
Everyone who holds, or wishes to acquire, a valid account on the University’s network, e-mail and/or voice mail systems is covered by this policy. This policy covers users on the Kansas City and Wichita campuses as well as users who access these systems from an off-campus location. There are no exemptions.
Procedures for processing password requests strive to balance security requirements and user convenience. These procedures will be followed by staff of Customer Support or of the Instructional Technology Center for all password requests (including new, changed or forgotten passwords) for access to the University’s network, e-mail or voice mail resources.
1. Under no circumstances will existing passwords be revealed by telephone.
2. Under no circumstances will new passwords be provided by telephone.
3. Customer Support and Instructional Technology Center staff will be pleased to handle requests made in one of the following ways:
4. Confirmation will be sent to user by e-mail or alphanumeric page when a password change is completed.
5. A network manager must approve any password change requested by a user's supervisor. Confirmation will be sent to user when a password change is completed at the request of a supervisor.
6. Department network specialists may complete password requests for their own users. However, any user who is unable to prove identity to the department network specialist's satisfaction must resubmit the change request following Customer Support/ITC procedures.
System administrators and users assume the following responsibilities:
KUMC has adopted "complex passwords" to make it harder for someone to "crack" one of our passwords. Passwords for access to the KUMC network and computer systems must meet the following requirements:
To minimize password guessability:
Keep your password safe:
For information on this policy, please contact:
Jim Bingham
Associate Vice Chancellor for Information Resources
Chief Information Officer
University of Kansas Medical Center
1014 Taylor, 3901 Rainbow Blvd
Kansas City, Kansas 66160
(913) 588-7300
Sherry Callahan
Director of Information Security
Department of Information Resources
University of Kansas Medical Center
1020 Taylor, 3901 Rainbow Blvd
Kansas City, Kansas 66160
(913) 588-0966
©
The University of Kansas Medical Center