Application Security Office
Access and Account Maintenance
The Application Security Office processes requests for access to Administrative Computer Systems. Please submit the appropriate form found on the Account Action Forms web page to obtain an account.
Passwords are specific to the user and are not to be shared. If a co-worker requires access to a system to act as backup, please request an account using the appropriate forms on the Account Action Forms web page or contact the ASO for instructions.
- Choose passwords that are at least 8 characters long; using upper case, lower case, numbers, and special characters such as #, !, ^,+,~,[,],?.
- Do not use your username or names of relatives or pets.
- Avoid using dictionary words. Make up a word or phrase you can remember.
- Do NOT click the “Remember this password on next log in” option in your browser.
- Change your passwords frequently. Every 90 days is recommended.
- To reset PIStOL or HRMS password please call the IT Help Desk (766-4357, option 1).
- To reset Advance or Banner passwords please call the Application Security Office at 766-5747.
Please do not email passwords.
In most cases your password will be reset at your request and you will receive a confirmation email that the password has been changed. If you don't receive the confirmation email, please contact the ASO.
If you transfer to another department on campus your access may not follow you to your new position. The supervisor from your new department needs to fill out the forms on the ASO web page to request that your accounts be transferred to your new position.
Data Security and Handling
Our Administrative systems contain sensitive and Personally Identifiable Information (PII).Access to these systems should not be taken lightly.
What is Personally Identifiable Information or PII?
Examples of PII Data
The following list contains examples of information that may be
- Name, such as full name, maiden name, mother's maiden name, or alias
- Personal identification number, such as social security number (SSN), passport number, driver‘s license number, taxpayer identification number, patient identification number, and financial account or credit card number
- Address information, such as street address or email address
- Asset information, such as Internet Protocol (IP) or Media Access Control (MAC) address or other host-specific persistent static identifier that consistently links to a particular person or small, well-defined group of people
- Telephone numbers, including mobile, business, and personal numbers
- Personal characteristics, including photographic image (especially of face or other distinguishing characteristic), x-rays, fingerprints, or other biometric image or template data (e.g., retina scan, voice signature, facial geometry)
- Information identifying personally owned property, such as vehicle registration number or title number and related information
- Information about an individual that is linked or linkable to one of the above (e.g., date of birth, place of birth, race, religion, weight, activities, geographical indicators, employment information, medical information, education information, financial information).
- Below are a few guidelines that will help in the protection of Personally Identifiable Information:
- Do not send un-encrypted sensitive data via email
- Avoid copying or downloading PII from the University’s administrative systems to your desktop computer, web server, PDA, laptop, Blackberry, iPhone, SmartPhone, USB Drive, or other storage media unless absolutely required and encrypted.
- Never download or copy Personally Identifiable Information to your home computer.
- Periodically delete temporary Internet files, cookies, and history files from your Browser
- If there are no other viable alternatives to copying or downloading data from administrative systems, then additional security controls must be implemented. Below are some suggested recommendations.
- Remove the confidential part of the information from the data
- Store the data on the U: drive rather than on your C: drive of your local computer
- Password protect data
- Physically protect devices that can be easily moved such as SmartPhones or Laptops by locking in a secure area
For more information on keeping PII secure
You can access the NIST (National Institute of Standards and Technology) Guide to Protecting the Confidentiality of Personally Identifiable Information (PII) at