This document outlines the requirements for enforcing strong authentication in the Glogou Single Sign-On (SSO) system.
The aim is to ensure the confidentiality, integrity, and availability of our information systems by implementing robust authentication protocols.
This policy applies to all individuals accessing Glogou's applications and services through the SSO system.
Password Policies
1. Complexity
Users must adhere to the following password complexity rules:
Passwords must be a minimum of 8characters long.
Passwords must include at least one uppercase letter, one lowercase letter, one numeral, and one special character.
2. Aging
Passwords will expire every 180 days. Users will be prompted to change their password upon expiration.
3. Reuse
Previous passwords cannot be reused within a 1-year period.
4. Multi-factor Authentication (MFA)
To further strengthen the SSO system, Glogou enforces the use of Multifactor Authentication. In addition to providing their username and password, users must verify their identity through one of the following additional methods:
SMS Verification: A unique code will be sent to the user's registered mobile phone number, which must be entered to gain access.
5. Compliance
Failure to comply with this policy could result in disciplinary action, including revocation of system access rights. It is the responsibility of all users to ensure they understand and adhere to this policy.
6. Policy Review
This policy will be reviewed annually or as deemed necessary by changes in business processes or technology advancements.