Share information carefully

Only share confidential information with those authorized to receive it. Check with the data owner if there is a question.

Use only the confidential information you need for your job

Use only the confidential information that you need for your role. If you change roles, ensure that any access that is no longer required is removed. 

If you move from a job with one security access level to another role with a different level of access, make sure your new level is appropriate for your role. Check with your manager or HR officer for the right level of access.

Use a password management application

Use a password management application like 1Password, LastPass, KeePass or iCloud Keychain that generates, stores and protects long, random, unique passwords

Change your password if compromised

 If you believe your password has been compromised or otherwise improperly accessed, change your password. Depending on your department policy, you might have access to the departmental file share or Sharepoint. Contact your local IT support person or your manager to obtain instructions on the recommended local practice.

Use a 4-digit PIN

For smartphones and tablets, a 4-8 digit PIN is acceptable as long as you also configure the device to erase itself after 10 bad password guesses. 

For Exchange users, this is a default and the user must set the PIN. See your device manual for instructions for those not using Exchange.

Use a departmental file share

Eliminate the need for account sharing by using your departmental file share for documents that need to be shared or accessed by others