Guest user Created: Feb 28, 2022 Last commented: Feb 28, 2022

Software Password Storage

Hi Guys Regarding Software Assets, we have identified a risk that if the passwords/keys for the software are misplaced we no longer be able to use that asset. The control we have implemented is to store all such passwords/keys in a password safe. My question is which document should this control be recorded in? The “Password Policy” document seems to be focused solely on user passwords, not software/keys.

0 0

Assign topic to the user

Select user

Expert

Rhand Leal Feb 28, 2022

I’m assuming you want to know where to record the information about where passwords/keys are stored.

Considering that, please note that the Password policy has an item which defines that “files containing passwords must be stored separately from the application's system data”.

Since the Password policy does not have a section for record management, I suggest you use Access Control Policy for this purpose.

This Access control policy Integrates the use of the Password Policy in section 3.8, and from this section you can include in its section 4 - Managing records kept on the basis of this document, a record describing how you implement this storage.

Quote

0 0

Comment as guest or Sign in

HTML tags are not allowed

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

Feb 28, 2022

Expert Advice Community