LISTSERV - RECMGMT-L Archives - LISTSERV.IGGURU.US

RECMGMT-L Archives

Records Management

RECMGMT-L@LISTSERV.IGGURU.US

	LISTSERV Archives
	RECMGMT-L Home

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Forum View Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	ADMIN gentle reminder was Re: [RM] Scheduling passwords
From:	Peter Kurilecz <[log in to unmask]>
Reply To:	Records Management Program <[log in to unmask]>
Date:	Thu, 11 Sep 2008 19:05:10 -0400
Content-Type:	text/plain
Parts/Attachments:	text/plain (147 lines)

pls remember to delete out previous when posting a reply, if you are using a
blackberry for replies pls use a sigblock that says you are sending from
your blackberry

peterk
listadmin
recmgmt-l

On Thu, Sep 11, 2008 at 11:11 AM, Sanderson, Glen (INFOSYS) <
[log in to unmask]> wrote:

> Observations on this post
> 1-Keeping a record of a password would compromise the integrity of the
> password which violate basic tenets of security protocol as there should
> be alternatives to access systems.
> 2-I am not aware of any regulatory reason to retain passwords
>
> -----Original Message-----
> From: Records Management Program [mailto:[log in to unmask]] On
> Behalf Of Gerry McFatridge
> Sent: Thursday, September 11, 2008 9:07 AM
> To: [log in to unmask]
> Subject: Re: Scheduling passwords
>
> I don't know why you would keep old passwords as records but in light of
> recent events in San Francisco I can see that it makes sense to keep a
> record of current administrator or "root" or "super user" passwords.
>
> Maybe even store them in those kind of plastic holders you see in the
> movies which they crack open to get missile launch codes <grin>
>
> Many systems automatically prompt/expire passwords on a periodic basis
> (every 6 months, 12 months, whatever)so I guess retention could just
> follow that cycle.
>
> On systems that use some sort of biometric input or swiped card in lieu
> of a manually typed password that info would not be quite as perishable
> and would be stored in the system itself. I guess retention could follow
> the tenure of the employee or replacement of a lost card. Actually, on
> those sort of systems I don't even know if you could get that password
> info out to store it elsewhere as a record.
>
> Interesting question.
>
> To answer the question though - no we don't keep passwords as records.
>
> Gerry
> Va Beach, VA
>
>
>
> -----Original Message-----
> From: Records Management Program [mailto:[log in to unmask]] On
> Behalf Of Baareman, Todd
> Sent: Thursday, September 11, 2008 8:34 AM
> To: [log in to unmask]
> Subject: Re: Scheduling passwords
>
> What would be the reasoning to retain past passwords?  I don't see the
> business or legal reasoning for doing this.  I am open to being
> enlightened!
>
> Todd Baareman | Records Management | Steelcase Inc. | 616.246.9581
>
>
>
> -----Original Message-----
> From: Records Management Program [mailto:[log in to unmask]] On
> Behalf Of Berdahl, Siri (LVA)
> Sent: Thursday, September 11, 2008 8:16 AM
> To: [log in to unmask]
> Subject: Scheduling passwords
>
> Good morning,
>
>
>
> I am interested in finding out whether any of your organizations
> schedule computer passwords as records (i.e. system administrator
> passwords). If so, what is your reasoning for doing so and how did you
> arrive at a retention period?
>
>
>
> Thank you in advance for any replies.
>
>
>
> Siri Berdahl
>
> Electronic Records Analyst
>
> The Library of Virginia
>
> 800 East Broad Street
>
> Richmond, VA 23219-8000
>
>
>
> [log in to unmask]
>
> P: 804-692-3768
>
> F: 804-692-3603
>
>
>
>
> List archives at http://lists.ufl.edu/archives/recmgmt-l.html
> Contact [log in to unmask] for assistance To unsubscribe
> from this list, click the below link. If not already present, place
> UNSUBSCRIBE RECMGMT-L or UNSUB RECMGMT-L in the body of the message.
> mailto:[log in to unmask]
>
> List archives at http://lists.ufl.edu/archives/recmgmt-l.html
> Contact [log in to unmask] for assistance To unsubscribe
> from this list, click the below link. If not already present, place
> UNSUBSCRIBE RECMGMT-L or UNSUB RECMGMT-L in the body of the message.
> mailto:[log in to unmask]
>
> List archives at http://lists.ufl.edu/archives/recmgmt-l.html
> Contact [log in to unmask] for assistance To unsubscribe
> from this list, click the below link. If not already present, place
> UNSUBSCRIBE RECMGMT-L or UNSUB RECMGMT-L in the body of the message.
> mailto:[log in to unmask]
>
> List archives at http://lists.ufl.edu/archives/recmgmt-l.html
> Contact [log in to unmask] for assistance
> To unsubscribe from this list, click the below link. If not already
> present, place UNSUBSCRIBE RECMGMT-L or UNSUB RECMGMT-L in the body of the
> message.
> mailto:[log in to unmask]
>



-- 
Peter Kurilecz CRM CA
[log in to unmask]
Richmond, Va

List archives at http://lists.ufl.edu/archives/recmgmt-l.html
Contact [log in to unmask] for assistance
To unsubscribe from this list, click the below link. If not already present, place UNSUBSCRIBE RECMGMT-L or UNSUB RECMGMT-L in the body of the message.
mailto:[log in to unmask]

ATOM RSS1 RSS2

LISTSERV.IGGURU.US