Essential IT Policies

Essential policies we think would be useful for you when starting a new church. Please let us know if there are other policies you are after by contacting candice.joiner@crtrust.org.

 

Password Policy

HTB Group has a password policy in place for a number of reasons:

  • Complex passwords are less easily guessed, meaning your HTB Group account is more secure and less likely to be hacked.

  • The expiry date means that if someone does have access to your account without you knowing it, that access will end when the passwords change.

  • IT have a duty to provide you with systems that ensure a good level of security.

  • Using passwords that are complex and that expire has been recommended by our auditors as best practice.

Your HTB Group password must be changed every 90 days. When it is time for your password to be changed, you will see a popup when you log in to an HTB Group PC. You will also receive an email from us in advance, informing you that your password is about to expire.

If you do not change your password before the given deadline, you may find that HTB Group resources you use on any device might not work until you do so including Sharepoint, Outlook, Skype for Business. The next time you log on to an office PC you will be prompted to change your password.

Password rules

  • Your HTB Group password is required to at least meet the following:

  • At least 8 characters long

  • Contain at least one upper-case letter and one lower-case letter

  • Contain at least one number

  • Avoid international (non ASCII) characters

  • Not be a dictionary word

  • Be less than 12 months old

Ideas for secure passwords

Think differently – rather than cycle through an old password, changing the number each time, go for passphrases – a three word combination with a number, eg BlindSallyFishcake14 – easy to remember, hard to crack (the longer a password, the more difficult to guess/break)

Never write down your password or share it with anyone else.

 

IT Conditions of Use Policy

Information Security Policy