Target system groups
The target system groups menu allows you to apply:
Password policy
Web-based password change restrictions
Password synchronization rules
By default, all target systems belong to the default target system group and are subject to a single, global set of password strength rules. You may want to add additional groups to:
Apply different password policies to sets of target systems.
You may want to do this if some target systems have incompatible password strength rules or if some target systems require stronger passwords than others.
You can also apply different password policies within a target system group by linking user classes to policies.
Apply different synchronization rules.
You can require passwords for all members in a group to be synchronized or force users to choose a different password for each member of a group of target systems.
Restrict the access rights of groups of help desk users to specific target systems.
Best practice
Bravura Security recommends that all target systems belong to a single target system group and are subject to a single password policy. Synchronizing passwords significantly reduces help desk call volume. Even passwords on systems notorious for "weak” passwords, such as mainframes, can be made strong with a good combination of password strength rules. Forcing users to change passwords often also strengthens security. Grouping target systems is usually only done for legacy applications or to comply with internal policy.
Add target systems to groups on the Target system information page (Manage the System > Resources > Target systems). You can see which target systems belong to a group by clicking the Members tab on the page.