can do


> Date: Thu, 11 Sep 2008 19:05:10 -0400
> From: [log in to unmask]
> Subject: ADMIN gentle reminder was Re: [RM] Scheduling passwords
> To: [log in to unmask]
> 
> pls remember to delete out previous when posting a reply, if you are using a
> blackberry for replies pls use a sigblock that says you are sending from
> your blackberry
> 
> peterk
> listadmin
> recmgmt-l
> 
> On Thu, Sep 11, 2008 at 11:11 AM, Sanderson, Glen (INFOSYS) <
> [log in to unmask]> wrote:
> 
> > Observations on this post
> > 1-Keeping a record of a password would compromise the integrity of the
> > password which violate basic tenets of security protocol as there should
> > be alternatives to access systems.
> > 2-I am not aware of any regulatory reason to retain passwords
> >
> > -----Original Message-----
> > From: Records Management Program [mailto:[log in to unmask]] On
> > Behalf Of Gerry McFatridge
> > Sent: Thursday, September 11, 2008 9:07 AM
> > To: [log in to unmask]
> > Subject: Re: Scheduling passwords
> >
> > I don't know why you would keep old passwords as records but in light of
> > recent events in San Francisco I can see that it makes sense to keep a
> > record of current administrator or "root" or "super user" passwords.
> >
> > Maybe even store them in those kind of plastic holders you see in the
> > movies which they crack open to get missile launch codes <grin>
> >
> > Many systems automatically prompt/expire passwords on a periodic basis
> > (every 6 months, 12 months, whatever)so I guess retention could just
> > follow that cycle.
> >
> > On systems that use some sort of biometric input or swiped card in lieu
> > of a manually typed password that info would not be quite as perishable
> > and would be stored in the system itself. I guess retention could follow
> > the tenure of the employee or replacement of a lost card. Actually, on
> > those sort of systems I don't even know if you could get that password
> > info out to store it elsewhere as a record.
> >
> > Interesting question.
> >
> > To answer the question though - no we don't keep passwords as records.
> >
> > Gerry
> > Va Beach, VA
> >
> >
> >
> > -----Original Message-----
> > From: Records Management Program [mailto:[log in to unmask]] On
> > Behalf Of Baareman, Todd
> > Sent: Thursday, September 11, 2008 8:34 AM
> > To: [log in to unmask]
> > Subject: Re: Scheduling passwords
> >
> > What would be the reasoning to retain past passwords?  I don't see the
> > business or legal reasoning for doing this.  I am open to being
> > enlightened!
> >
> > Todd Baareman | Records Management | Steelcase Inc. | 616.246.9581
> >
> >
> >
> > -----Original Message-----
> > From: Records Management Program [mailto:[log in to unmask]] On
> > Behalf Of Berdahl, Siri (LVA)
> > Sent: Thursday, September 11, 2008 8:16 AM
> > To: [log in to unmask]
> > Subject: Scheduling passwords
> >
> > Good morning,
> >
> >
> >
> > I am interested in finding out whether any of your organizations
> > schedule computer passwords as records (i.e. system administrator
> > passwords). If so, what is your reasoning for doing so and how did you
> > arrive at a retention period?
> >
> >
> >
> > Thank you in advance for any replies.
> >
> >
> >
> > Siri Berdahl
> >
> > Electronic Records Analyst
> >
> > The Library of Virginia
> >
> > 800 East Broad Street
> >
> > Richmond, VA 23219-8000
> >
> >
> >
> > [log in to unmask]
> >
> > P: 804-692-3768
> >
> > F: 804-692-3603
> >
> >
> >
> >
> > List archives at http://lists.ufl.edu/archives/recmgmt-l.html
> > Contact [log in to unmask] for assistance To unsubscribe
> > from this list, click the below link. If not already present, place
> > UNSUBSCRIBE RECMGMT-L or UNSUB RECMGMT-L in the body of the message.
> > mailto:[log in to unmask]
> >
> > List archives at http://lists.ufl.edu/archives/recmgmt-l.html
> > Contact [log in to unmask] for assistance To unsubscribe
> > from this list, click the below link. If not already present, place
> > UNSUBSCRIBE RECMGMT-L or UNSUB RECMGMT-L in the body of the message.
> > mailto:[log in to unmask]
> >
> > List archives at http://lists.ufl.edu/archives/recmgmt-l.html
> > Contact [log in to unmask] for assistance To unsubscribe
> > from this list, click the below link. If not already present, place
> > UNSUBSCRIBE RECMGMT-L or UNSUB RECMGMT-L in the body of the message.
> > mailto:[log in to unmask]
> >
> > List archives at http://lists.ufl.edu/archives/recmgmt-l.html
> > Contact [log in to unmask] for assistance
> > To unsubscribe from this list, click the below link. If not already
> > present, place UNSUBSCRIBE RECMGMT-L or UNSUB RECMGMT-L in the body of the
> > message.
> > mailto:[log in to unmask]
> >
> 
> 
> 
> -- 
> Peter Kurilecz CRM CA
> [log in to unmask]
> Richmond, Va
> 
> List archives at http://lists.ufl.edu/archives/recmgmt-l.html
> Contact [log in to unmask] for assistance
> To unsubscribe from this list, click the below link. If not already present, place UNSUBSCRIBE RECMGMT-L or UNSUB RECMGMT-L in the body of the message.
> mailto:[log in to unmask]

_________________________________________________________________
Want to do more with Windows Live? Learn “10 hidden secrets” from Jamie.
http://windowslive.com/connect/post/jamiethomson.spaces.live.com-Blog-cns!550F681DAD532637!5295.entry?ocid=TXT_TAGLM_WL_domore_092008
List archives at http://lists.ufl.edu/archives/recmgmt-l.html
Contact [log in to unmask] for assistance
To unsubscribe from this list, click the below link. If not already present, place UNSUBSCRIBE RECMGMT-L or UNSUB RECMGMT-L in the body of the message.
mailto:[log in to unmask]