The screen displays no system or application identifiers until the network logon has been successfully completed.
The screen provides no help messages during the logon procedure.
The system validates the logon data only on completion of input and then, if there is an error, the system requires the user to try again.
The logon procedure limits the number of unsuccessful attempts allowed to three (and unsuccessful attempts are automatically recorded) and automatically enforces a time delay before further attempts are allowed.
Password characters are hidden by symbols.
Users are required to log out of sessions when they are finished.
Network Access Control
Authorised users with permissions for devices or services, which they are given, shall access only those devices and services.
Authorised representatives shall access network equipments only. Network devices should not be enabled by default. Remote access is provided by a secure Virtual Private Network connection to the office.
A firewall is in place and controlled by the network team who ensure that only controlled ports are in use.
The organisation monitors its network to ensure that, if any unwanted service or port is identified, appropriate steps are taken to apply appropriate controls.  User authentication for external connections
Remote users log onto the network using VPN and remote authentication. The remote equipment is registered by the IT department.
Remote diagnostic and configuration port protection Ports are locked down and only open only as required. Ports are protected by fire wall settings.
User identification and Users have unique identifiers and password as defined under user registration and in line with the Access Control policy.
Password management This is managed in accordance with sections above.
Use of system utilities Staff are experienced and knowledgeable and do not download and install system utilities unless such a utility will benefit the company.
Session time out Sessions locked out after 10 minutes inactivity Remote laptops using VPN are subject to same lockout after 10 minutes inactivity.