The last time companies Statute and give special attention to creating a specific and strict security access control and management of network devices and access to internal corporate network. It is known that very often do not apply basic safety procedures and practices, such as control access to resources of a company, which raises the entire corporate infrastructure in immediate danger, with unknown short and long term consequences in terms of data protection and vital information.
For this reason the Authority shall ensure confidentiality of Communications (ADAE ) has issued various regulations regarding network security and privacy of electronic communications. These Regulations explicitly and clearly on issues of safe access to data communication, roles and responsibilities of personnel.
ADAE conduct regular and random checks on the correct application of the Regulations and the approved security policies, such as passwords to control access. Also, compliance with standards Payment Card Industry Data Security Standards and Sarbanes-Oxley (SOX) standards requires the supply of a specific solution that will control access and manage network devices implementing stringent security policies and access to an enterprise network. Cisco offers new possibilities to the most widespread solution Cisco Secure Access Control System (ACS), a new features in the enforcement and management of passwords to support the requirements set by the ADAE and standards PCI and SOX.
For example, ACS offers the possibility to impose strict rules such as minimum length of characters, an uppercase and lowercase alphabetic characters and non-alphanumeric characters. Check that the password is different from previous “n” versions and requires a change after “n” days. Finally, it is possible to reduce the incorrect password entry attempts. The ACS solution addresses the need differentiated access according to user role. Also can pronounce the access control devices of the company, network access either by local or wireless remote corporate network access. The compliance requires detailed reports on :
• Who, when and how connected
• What access attempts failed and what why
• What and who commands executed on network devices
• How and when changes were made ??to the settings of network devices