Security

Created on: 
Jan 21 2020

Online Processing

Mainframe Processing

See ACES Screens and Online Pages for an example of pages or screens used in this chapter.

What is the purpose of ACES security?

The purpose of ACES security is to protect ACES data and the system from unauthorized use with the following features:

  • Automatic timeout after 90 minutes of inactivity.
  • Security violation audit logging and reporting.
  • Password expiration after 90 days.
  • Account inactivation after 180 days.
  • Revoking passwords after three unsuccessful log-on attempts.

What is a unit type?

A unit type is a group of secured tasks that assign specific access(es) to users in the ACES system.

What is a secured task?

A secured task grants a user access to menu options in ACES.

EXAMPLE: A user who has the secured task OMEN-8 can update a client's narrative in ACES.

How is a user’s profile and security access level determined?

A user's profile and security access level are determined by:

  • A specific unit type that's assigned to the user, and
  • What tasks they will be performing in ACES.
EXAMPLE: Inquiry users can only view case data, whereas Update users can add, change, or delete case data.

Who are Security Monitors?

Security Monitors are IT Specialists or designated management staff who have the ability to request access for new users and submit changes for existing ones. For a list of current Security Monitors, see the ACES Security Monitor List.

Why are suspended and deactivated users still in the system?

User information must be kept in the system for historical information and auditing purposes.

NOTE: Users are auto-inactivated if they don't log in for 180 days.

Online Processing

How do I submit a request to add a new ACES or ACES.online user?

To submit a request to add a ACES or ACES.online user, take the following steps:

  1. From the ACES.online Welcome back page, select Security from the Other Links menu.
  2. Select Add ACES User to add a user to ACES mainframe or Add ACES.online Only User to add a user to ACES.online.
  3. Enter [required user information] identified by fields in yellow.
  4. Click Submit.

How do I submit a request to change an existing ACES or ACES.online user profile?

To submit a request to change an existing ACES or ACES.online user profile, take the following steps: 

ACES Users

  1. From the ACES.online Welcome back page, select Security from the Other Links menu.
  2. Click ACES User Search, enter the [search criteria], and click Search.
  • If multiple user IDs are found, click the user ID in the ID column to view the User Details - [Name] (ACES ID) page.
  1. Click Update and the Update User (Complete) page displays.
  2. Update information as appropriate.
NOTE: If a user is assigned a caseload and is moving to a new CSO or being deactivated, the caseload must be reassigned first. Please call IT Solutions Customer Support at 360-664-4560 for help submitting a caseload change request.
  1. Click Submit and the request is added to the Search Security Requests page.

ACES.online Users

  1. From the ACES.online Welcome back page, select Security from the Other Links menu.
  2. Click ACES.online User Search, enter the [search criteria], and click Search.
  • If multiple user IDs are found, click the user ID in the ACES.online ID column to view the User Details - [Name] (ACES ID) page.
  1. Click Update and the Update User (Submit) page displays.
  2. Update information as appropriate.
  3. Click Submit and the request is added to the Search Security Requests page.

How do I submit changes to or delete a pending security request?

To submit changes to or delete a pending security request, take the following steps:

  1. From the ACES.online Welcome back page, select Security from the Other Links menu.
  2. Click Show Pending Security Requests.
  3. In the Request Date column, click the request you submitted.
  4. On the next page, take one of the following actions:
  • Make any changes and click Submit.
  • Click Delete to delete your request.
  • Click Cancel to cancel the update.

What are the ACES.online password criteria?

ACES.online password criteria:

  • Be significantly different from your previous password.
  • Be 8-64 characters in length (or 16-64 for ADMIN accounts).
  • Contain a least one number.
  • Contain at least one lower case letter.
  • Contain at least one upper case letter.
  • Contain at least one of the following special characters:
Character Name Symbol
Exclamation Point !
Open Parenthesis (
Closed Parenthesis )
Dash -
Period .
Underscore _
Grave Accent `
Tilde ~
Commercial At @
Pound Sign (or Number Sign) #
Dollar Sign $
  • Not begin with a period or dash.
  • Not contain the first 3-6 characters of your first or last name.
  • Not contain your User Name or User ID.
  • Not be the same as any of the last four passwords used.
EXAMPLE: Valid passwords include: Test123! Coffee@1 and Winter~19. A passphrase is also valid, such as: 10 Quick Brown Foxes jumped over the fence!

How do I log into ACES.online for the first time if I have an ACES Mainframe profile?

If you have been assigned an ACES Mainframe User ID and temporary password, take the following steps:

  1. Log into ACES Mainframe and set a permanent password. See How do I log into ACES Mainframe for the first time?.
  2. From the ACES.online Logon page, click Create Access Profile.
  3. On the Create ACES.online User Profile page, complete the following fields:
  • ACES Logon ID field - Enter your [ACES Mainframe User ID].
  • ACES Password field - Enter your [ACES Mainframe password].
  1. Click Next.
  2. On the second Create ACES.online User Profile page, complete the following fields:
  • ACES.online User ID field - Enter [an ACES.online User ID].
  • ACES.online password field - Enter a [password] that meets criteria in the Password Criteria section.
  • Confirm password field - Re-enter your new [password].
  • Email field - Enter your work [e-mail address].
  • Printer ID field - This field is typically auto-filled from your ACES Mainframe profile. If not, enter your [printer ID].
  1. Click Create Profile.

How do I log into ACES.online for the first time if I have an ACES.online only profile?

If you have an ACES.online only profile, take the following steps to log in for the first time:

  1. From the ACES.online Logon page, click the Complete the process link.
  2. On the Change Password page, complete the following fields:
  • ACES.online User ID field - Enter your [ACES.online User ID].
  • PIN field - Enter the [PIN] you received via email.
NOTE: If it has been more than 24 hours since receipt of the email with your PIN, please follow the steps in How do I reset my ACES.online password if I forgot it?
  • New Password field - Enter a [password] that meets the criteria in the Password Criteria section.
  • Confirm Password field - Re-enter your new [password].
  1. Click Next and a pop-up window displays: Your ACES.online password has been changed. You will be redirected to the login page. 
  2. Click OK and you are redirected back to the ACES.online Logon page to log in with your new password.
  3. On the ACES.online Logon page, update the following fields:
  • ACES.online User ID field - Enter your [ACES.online User ID].
  • ACES.online Password field - Enter the [ACES.online password] you created in Step 2 above.
  1. Click Next.

How often must passwords be changed?

ACES.online passwords expire every 90 days, based on the last date and time the password was changed.

EXAMPLE: Jody changed her ACES.online password at 9:00 AM on 10/08/2018. On or after 9:00 AM on 01/05/2019, her password has expired.
NOTE: If you change your ACES.online password, your ACES Mainframe password isn't automatically changed.

How do I change my password in ACES.online?

To change your ACES.online password, take the following steps:

  1. From any page in ACES.online, click on My Profile in the upper right-hand corner.
  2. From the User Details page, click the Change Password button.
  3. On the Change Password page, complete the following fields:
  • Current Password field - Enter [your current password].
  • New Password field - Enter [your new password].
  • Confirm Password field - Re-enter [your new password].
  1. Click Next.
  2. If the password change is successful, a pop up message: Your ACES.online password has been changed displays.
  3. Click OK on the pop up message.

How do I reset my ACES.online password if I forgot it?

If you forgot your ACES.online password, take the following steps to reset it:

  1. From the ACES.online Logon page, click Start the reset process.
  2. On the Send Reset Email page, update the following fields:
  • ACES.online User ID field - Enter your [ACES.online User ID].
  • Email field - Enter [the email address associated to your ACES.online account].
  1. Click Submit and an email with instructions and a PIN is sent to the email address associated to your ACES.online account.
  2. On the next page, click Change password and you are redirected to the Change Password page.
  3. On the Change Password page, update the following fields:
  • ACES.online User ID field - Enter your [ACES.online User ID].
  • PIN field - Enter the [PIN emailed to you].
  • New Password field - Enter a [new password].
  • Confirm Password field - Re-enter your [new password].
  1. Click Next and a pop up window displays: Your ACES.online password has been changed. You will be redirected to the login page.
  2. Click OK to be redirected to the Login page..

What do I do if my ACES.online account is locked?

If your ACES.online account is locked, call IT Solutions Customer Support at (360) 664-4560 or send an email to SWITSSupport@dshs.wa.gov. Customer Support can:

  • Send a Password Reset email so you can change your password; or,
  • Resume your account to your current password.

Mainframe Processing

How does a new user get access to ACES mainframe?

The Security Monitor requests a RACF ID (or 300 ID) from Enterprise Technology Services Division (ETSD) Data Security, then completes and submits an ACES Security request via ACES.online.

How do I submit a security request to add a new user or change an existing user profile?

This function isn't available in ACES Mainframe. See Online Processing for more information.

What are the ACES Mainframe password criteria?

ACES Mainframe password criteria:

  • Be exactly eight characters in length.
  • Contain at least one number.
  • Contain at least one letter.
  • Contain at least one of the following special characters: #, $, or @. No other special characters are allowed.
  • Cannot contain the first three to six consecutive characters of your first or last name as it appears in the security database.
  • Cannot contain your User ID.
  • Cannot be one of the last 15 passwords used.
EXAMPLE: Valid passwords include: COFFEE@1 and TEAFOR4$.

How often must ACES Mainframe passwords be changed?

ACES mainframe passwords expire every 90 calendar days.

NOTE: If you change your ACES mainframe password, your ACES.online password is not automatically changed.

How do I log into ACES Mainframe for the first time?

To log into ACES Mainframe for the first time, take the following steps:

  1. From the Welcome to the State of Washington ACES System screen, type ACES and press <TRANSMIT>.
  2. On the Signon to CICS screen, update the following fields:
  • Userid field - Enter your [user ID]
  • Password field - Enter the [temporary password] provided to you by your Security monitor or supervisor and press <TRANSMIT>
  • New Password field - Enter your [new password] and press <TRANSMIT>.
  • New Password field - Re-enter your [new password] and press <TRANSMIT> and a blank screen displays.
  1. On the blank screen type WMEN, then press <TRANSMIT> to access ACES.

How do I change my password in ACES Mainframe?

To change your ACES Mainframe password, take the following steps: 

  1. From the Welcome to the State of Washington ACES System screen, type ACES and <TRANSMIT>.
  2. On the Signon to CICS screen, update the following fields:
  • Userid field - Enter your [user ID]
  • Password field - Enter your [password] and press <TRANSMIT>
  • New Password field - Enter your [new password] and press <TRANSMIT>.
  • New Password field - Re-enter your [new password] and press <TRANSMIT>.

What do I do if my ACES Mainframe account is locked?

If your ACES Mainframe account is locked, call IT Solutions Customer Support at (360) 664-4560 or send an email to SWITSSupport@dshs.wa.gov. Customer Support can:

  • Reset your account to a default password so you can change it; or,
  • Resume your account to your current password.

 

See ACES Screens and Online Pages for an example of pages or screens used in this chapter.