Introduction

The following guidelines pertain to password-protecting the data on the CU*CD archival disks used for archiving credit union daily/monthly reports and member statements.

Purpose

The purpose of these guidelines is to ensure reasonable and appropriate security measures are taken to protect the data available through the CU*CD archives.

Guidelines

1. Passwords will be at least 8 characters in length, and will include at least one numeric digit while utilizing both upper and lower case letters.
2. CU*Archives will determine the passwords utilizing a random password generating software.
3. Password changes will be forced on an annual basis and the past passwords will not be reused.
4. The passwords will be provided to the credit union prior to the end of each calendar year by the CU*Archives Department. They will then be effective for the full following calendar year.
5. CU*Answers will keep all previous passwords versions available to their clients.
6. The supplied passwords should be secured and never be kept in the same location as the data CD.
7. When a credit union calls a CU*Answers employee to retrieve a lost password, the password will never be given out during that call. We will make a separate return phone call to the credit union to ensure that we are speaking with a current credit union employee. Refer to the separate Using Password Safe for CU*CD Archives internal document for instructions.