Skip to main content

Software  >  Lotus  >  

Lotus Notes and Domino Support of Title V of the Italian Personal Data Protection Code
 Technote (FAQ)
 
Problem
What functionality is available in Lotus Notes client and Lotus Domino server to assist with compliance to the Italian Personal Data Protection Code (Legislative Decree no. 196 of 30-June-2003)?
 
Solution
The Italian government has enacted legislation known as the Italian Personal Data Protection Code (Legislative Decree no. 196 of 30-June-2003) (the "Code"). IBM Lotus is committed to helping our customers to respond to applicable provisions of Title V (Data and System Security) of the Code having to do with password management. Lotus Notes and Domino today include features and functions enabling customers to address these requirements, provided the proper policies are put in place and enforced by users. In particular, the Lotus Notes and Domino product set currently provides a set of both identity and password management features. Furthermore IBM Lotus plans to provide new password management enhancements in releases 6.0.5 and 6.5.4 designed to make it even simpler for a user of Notes/Domino to respond to certain requirements of the Code. The current target ship date for 6.0.5 and 6.5.4 is Q1 2005, and IBM Lotus expects that these enhancements will subsequently be made available in Release 7. Alternatively, the product set is equipped with programmatic interfaces to enable customer applications or popular third-party tools to supply and extend such password management features. For more detail on useful features in Notes/Domino, see below.

To see the full Italian text of the law, refer to the following page on the InterLex Web site:

For a complete English translation of the law, refer to the following page on the Garante per la protezione dei dati personali Web site:

It is the customer's sole responsibility to obtain advice of competent legal counsel as to the identification and interpretation of relevant sections of the Code that may affect the customer's business, and any actions the customer may need to take to comply with such laws. IBM does not provide legal advice.

Notes/Domino 6.0.5 and 6.5.4 Features
Custom Password Policies

The ability to implement Notes.id password restrictions on a policy basis is being added to Lotus Domino. The new feature is designed to help administrators prevent passwords from being trivial or predictable.

Through a custom password policy, administrators can restrict or prohibit the use of the following in user passwords:

- user name as part of the password
- repeating characters
- use of special characters, such as punctuation

While custom password policies can be applied to all users, it should be noted that a requirement to change password on first login can only apply to new users who have had the policy applied to them at registration. Users who are already registered will not be required to change their passwords when they log in after the policy has been applied.

Note: Even if a customized password policy is established, users must still enable "Check passwords on Notes IDs" in the Server document in order for Domino to check password history.

Set up a customized password policy:

  1. In the Configuration tab of the Domino Administrator client, click Create Policy.
  2. Set up the policy as required.
  3. Click New next to Security to add security settings to the policy.
  4. On the Password Management tab, under Password Management Options, select "Use Custom Policy."
  5. On the Custom Password Policy tab, configure the custom options as shown in the table below. (Note: An enhancement request to improve the setting descriptions has been submitted to Quality Engineering as SPR# CSMH697SPS.)
    SettingSpecify
    Change password on first useEnable this to require users to change their passwords after the first time they log in using the Notes client
    Allow common name in passwordEnable this to allow users to incorporate their name in their passwords.

    For example: John232Doe
    Password length minimumThe minimum number of characters that users can have in their passwords
    Password length maximumThe maximum number of characters that users can have in their passwords
    Password quality minimumThe minimum password quality value that users can have for their passwords
    Minimum number of alphabetic characters allowedThe minimum number of alphabetic characters that users are allowed to have in their passwords
    Minimum number of upper case characters allowedThe minimum number of uppercase characters that users are allowed to have in their passwords
    Minimum number of lower case characters allowedThe minimum number of lowercase characters that users are allowed to have in their passwords
    Minimum number of numeric characters allowedThe minimum number of numeric characters that users are allowed to have in their passwords
    Minimum number of special characters allowedThe minimum number of special characters, namely punctuation, that users are allowed to have in their passwords
    Maximum number of repeated characters allowedThe maximum number of repeated characters, of any kind, that are allowed in user passwords.
    Minimum number of unique characters allowedThe minimum number of characters that appear only once in a password
    Password may not begin withThe type of characters with which users cannot begin their passwords
    Password may not end withThe type of characters with which users cannot end their passwords

7. Assign the policy and save it.

Note: While Notes and Domino offer a set of features in support of certain provisions of the Code, it is the responsibility of each enterprise to determine the relevance of the Code and take the necessary steps -- with IBM Lotus products, with partner products, with custom applications or a combination -- to comply.

 
 
  

Copyright and trademark information
IBM, the IBM logo and ibm.com are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml.
Rate this page
Please take a moment to complete this form to help us better serve you.
This material provides me with the information I need.




This material is clear and easy to understand.




Did the information help you to achieve your goal?
What updates, improvements, or related information would you like to see in this document?
Your response will be used to improve our document content. Requests for assistance, if applicable, should be submitted through your normal support channel as we cannot respond from this site.
Input the verification number to submit feedback:
Document information
 Product categories:
 Software
 Messaging Applications
 Advanced Messaging
 Lotus Notes
 Lotus Notes
 Operating system(s):
  Mac OS, Windows
 Software version:
  6.5
 Reference #:
  1191339
 IBM Group:
 Software Group
 Modified date:
 2004-11-23

Translate My Page
 
 

Rate this page

Help us improve this page. Your response will be used to improve our document content. Requests for assistance, if applicable, should be submitted through your normal support channel as we cannot respond from this site.