You can help us with this by adhering to the following good practice when creating web-link accounts:
Account management
- Make sure you have a process to delete web-link accounts when employees leave the organisation, or change roles and no longer require an account.
- Review web-link accounts regularly to monitor this process, and delete any missed accounts. Amend the process as necessary.
- Create individual user accounts – avoid using generic accounts.
- Consider suspending web-link accounts if employees are under investigation, or subject to disciplinary proceedings.
web-link users – passwords
- When creating a web-link account, use a strong password – ideally 14 characters or more. Use non-dictionary words that cannot be easily guessed.
- Make sure your password includes a mixture of numbers, upper and lower case letters, and at least one special character (e.g. !, £, *).
- Don’t use passwords that can be easily linked to an individual, or set the password as your provider name or department.
- Do not write passwords down.