Getting Started with Policy PINs

The Policy PINs feature allows libraries to determine security requirements for user PINs that can vary according to the library or user access level of a given user, or both in combination. In SirsiDynix Symphony, a PIN serves the function of a password and may contain any combination of letters, numbers, or other permitted characters; the PIN is not limited to numbers only. The Policy PINs feature also allows libraries the option to take advantage of secure storage in the SirsiDynix Symphony database. This topic contains information on how to plan for and implement the Policy PINs feature in SirsiDynix Symphony.

•

Prerequisites for Policy PINs

•

Policy configuration for Policy PINs

•

Implementation of Policy PINs

Prerequisites for Policy PINs

Before implementing the Policy PINs feature within your library system, ensure that your libraries have met the following prerequisites.

Planning Prerequisites

Each library should consider the needs of its various types of users when determining what the PIN requirements should be. Policy PINs can be configured by user access level, library, or a combination of both; the library should determine what the PIN requirements should be for its user based on variations of these policies.

Not every type of user or library is required to use Policy PINs and none are required to do so. Your libraries can use their own discretion as to which user access levels or libraries are required to use PINs.

Technical Prerequisites

Before you can configure policy PINs on your library system, you need to have SirsiDynix Customer Support activate the feature on your SirsiDynix Symphony server.

Policy configuration for Policy PINs

After you have determined PIN requirements for your users and libraries and after SirsiDynix Customer Support has activated the Policy PINs feature for your library system, you can begin to configure the policies that support the feature. Create and configure policies of the types below to configure the Policy PINs feature.

Use PINs Policy

The Use PINs Global Configuration policy must be set to "Use PINs" for user PIN fields to be visible in the WorkFlows interface. For more information, see Use PINs Policy.

User PIN Policy

Use the User PIN policy to define PIN security requirements that SirsiDynix Symphony should use to determine if the contents of a new or modified user PIN are permissible. This policy also allows you to determine whether or not users affected by the policy should have their PIN stored in cryptographic storage in the SirsiDynix Symphony database (unless your library system uses an ISAM database). For more information, see User PIN Policy Wizard.

User PIN Map Policy

Use the User PIN Map policy to determine which users are affected by a particular User PIN policy. When a user creates or modifies their PIN, SirsiDynix Symphony examines User PIN maps and finds a User PIN map that contains the library and user profile that matches those of the user. SirsiDynix Symphony then uses the corresponding User PIN policy to determine the requirements for the PIN the user is creating. For more information, see User PIN Map Wizard.

Implementation of Policy PINs

After you have configured the policies that support the Policy PINs feature and have cycled the SirsiDynix Symphony services, SirsiDynix Symphony uses the policies to determine PIN requirements for all new users and users who modify their PIN. PINs for existing users are not affected by the policy changes until the user attempts to change their PIN (for more information, see FAQs: Understanding Policy PINs).

If you chose to have SirsiDynix Symphony store any user PINs in secure storage, you need to run the Secure User PINs Report; this report processes the PINs and saves them to cryptographic storage.