Essential IT Policies

Essential policies we think would be useful for you when starting a new church. Please let us know if there are other policies you are after by contacting Pippa.Hawkins@crtrust.org.

 

Password Policy

A comprehensive password policy is key for a number of reasons:

  • Complex passwords are less easily guessed, meaning your account is more secure and less likely to be hacked.

  • The expiry date means that if someone does have access to your account without you knowing it, that access will end when the passwords change.

  • IT have a duty to provide you with systems that ensure a good level of security.

  • Using passwords that are complex and that expire has been recommended by our auditors as best practice.

Your password should be changed every 90 days.

Password rules

  • Your password is required to at least meet the following:

  • At least 8 characters long

  • Contain at least one upper-case letter and one lower-case letter

  • Contain at least one number

  • Avoid international (non ASCII) characters

  • Not be a dictionary word

  • Be less than 12 months old

Ideas for secure passwords

Think differently – rather than cycle through an old password, changing the number each time, go for passphrases – a three word combination with a number, eg BlindSallyFishcake14 – easy to remember, hard to crack (the longer a password, the more difficult to guess/break)

Never write down your password or share it with anyone else.

 

IT Conditions of Use Policy

Information Security Policy