Oracle Platinum Service Delivery: Password Handling Standard
(Doc ID 1674102.1)
Last updated on JANUARY 18, 2023
Applies to:
Oracle Platinum Services - Version N/A to N/A Information in this document applies to any platform.
Goal
The default password collection for system already Live on Platinum Services should only happen through secure OASG portal following article (Doc ID 2285834.1)
For new Exadata, Exalogic, Supercluster and ZDLRA that need to be activated for Platinum Services the password collection will happen through system activation workflow (Doc ID 2231081.1)
The below process of password collection is to be used only for exceptional cases or new systems not supported by PISR workflow mentioned in (Doc ID 2231081.1)
1. Overview:
1.1. Introduction
This document describes the procedure for transferring and handling customer passwords for Platinum Service Delivery and all its related services.
1.2. Scope
This is the guideline for transferring and handling account passwords while onboarding. This guideline is mandatory for all persons working on delivering services through Platinum Service Delivery, including Oracle employees and partner workers. It’s supplemental to Oracle policies:
Acceptable Use Policy for Company Resources
Password Policy
1.3. Definitions
Username is the non-secret information required during an authentication process identifying a user or a group of users.
Password is the secret information required during an authentication process identifying a user or a group of users.
1.4. Exceptions
Any deviation from these guidelines requires a review and an approval through the Product Support Platinum Delivery Manager. Any deviation has to be documented. Exceptions to Oracle Policies have to follow the Oracle SEMS process. If a customer requests less strict rules for user accounts for access to equipment owned by the customer, the customer has to provide a statement defining their specific rules and the security risks. The customer's acceptance has to be documented.