CourtHeath ConsultingCourtHeath Consulting CourtHeath ConsultingCourtHeath Consulting
  • Home
  • Services
  • Blog
  • About us
    • Our people
    • Our story
    • Panels & Clients
  • UN Global Compact
    • UNGC Statement
  • Resources
    • Our policies
    • Reconciliation Action Plan
    • Documents
    • FAQ
  • Contact us +
    • Where to find us:

      CourtHeath Consulting
      Level 30, 35 Collins Street.
      Melbourne 3000

      Contact No: 04 21 167 746 0421167746

      Email: info@courtheath.com.au

      Tram: Elizabeth Street – Stop 8.

      Contact form:







        Your Name (required)

        Your Email (required)

        Subject

        Your Message

    08 Feb

    Passwords and probity

    Courtheath's blog
    By CourtHeath Consulting

    With Tuesday 6 February marking Safer Internet Day at CourtHeath we think it is timely to talk about how to use passwords the ‘right way’ in procurement.

    Passwords are the key to our electronic worlds and yet, many of us are not that sensible about using them. Would you leave the house empty and the key in the door? Or the car open, with the key in the ignition? Well, sometimes without thinking, people are doing the ‘electronic equivalent’ of just this with their passwords. 

    During a procurement process, we are often privy to highly confidential information, such as tender evaluation reports or draft specifications. This is information that only a closed circle of personnel should be permitted to access. And with this in mind, it may be a good idea to add an extra layer of security to procurement documents by making them password-protected.

    The following are some easy to follow ways to make sure that you are not unwittingly leaving confidential electronic information exposed to people outside of the procurement process or accidentally locking yourself out of the records you have created to demonstrate a defensible procurement process.

    The first and most important step you should take is to use strong passwords.

    So what does a strong password mean? It means that your passwords should not be easy to guess. It is not a good idea to use your pet’s name or your date of birth. Think about using a sentence or a phrase – and this could be about your pets if you like! If the character limit allows something like, ‘I have 2 chihuahuas who like long walks’ might work. If you are limited in characters you could use the first letter of each word ‘Ih2cwllw’. Some administrators require that you use a combination of lower case and capital letters as well as numbers, and sometimes symbols ‘I spend lots of $ on my 2 chihuahuas’ could become ‘Islo$om2c’.

    Generally speaking, you should try to use different passwords for different documents. This will reduce the risk of a ‘hacker’ being able to access all of your procurement records by guessing a single password. The same applies, of course, to using different PINs with your personal bank accounts. You don’t want a thief who gets access to your purse or wallet to guess one number and gain access to all of your accounts.

    Remembering passwords can get out of control for all of us.

    If you need help, consider investing in a password safe app to manage them for you. Alternatively, the old fashioned method of writing your passwords down and hiding them well away from your devices can work. At the conclusion of a procurement process, it is wise to collate your passwords into a single document that is saved securely away from your other procurement documents. This will ensure that your procurement records remain accessible and auditable. 

    The most critical, and yet most forgotten, principle of securing your devices is physical security.

    Don’t leave unsecured devices such as phones, tablets, laptops, USB keys or other removable media lying around. While it is true that portable devices are very easy to steal and USB keys are easy to lose, devices with unlocked screens may also provide free access to whatever is open and unlocked on your device. While it may be okay to log into internet banking or open a password protected document at home and then go and get yourself a cup of coffee, this is not something that you should ever do in the workplace. You may also be putting your professional reputation at risk by providing an opportunity for someone else to action or access sensitive procurement documents under your log-in, or even worse, sending emails including the documents or other sensitive information from your email account. It should be your standard practice to lock your screen whenever you move away from your desk or office.

    Confidential procurement information should only be put onto a USB key if the documents are password protected or the USB is encrypted. But even then, if you leave your laptop unlocked when you leave your desk and the documents are open, they are not secure at all.

    Securing your files and devices is just as important as securing your home, and your personal belongings; but it need not be hard. Following these simple tips will certainly set you in the right direction. Happy Safer Internet Day!

    * * *

    Image by Stavros Sakellaris.

    Written by 

    ​Pauline Bernard and Dr ​
    ​Julia Cornwell McKean.

    [category courtheath's blog]

    [

    ​saferinternetday, procurement, passwords

    ]

    CourtHeath Consulting

    CourtHeath Consulting provides expert procurement and probity advice to government and not for profit organisations. We provide specialist consulting services about procurement issues and organisational procurement operations – as well as management of simple and complex tender processes. Our probity audit and advisory services help clients meet government probity standards especially regarding conflict of interest, confidentiality, ethical conduct and corruption risks.

    Recent Posts

    • Cultural Diversity and Dialogue
    • The UNGCNA 2024 Impact Report
    • Earth Day 2025: Our Power, Our Planet
    • Spotlight on Public Sector Integrity
    • Supplier Code of Conduct: Probity Risks

    Archives

    • May 2025
    • April 2025
    • March 2025
    • February 2025
    • January 2025
    • December 2024
    • November 2024
    • October 2024
    • September 2024
    • August 2024
    • July 2024
    • June 2024
    • May 2024
    • March 2024
    • February 2024
    • December 2023
    • November 2023
    • October 2023
    • August 2023
    • March 2023
    • February 2023
    • January 2023
    • December 2022
    • November 2022
    • August 2022
    • July 2022
    • May 2022
    • March 2022
    • February 2022
    • December 2021
    • November 2021
    • September 2021
    • August 2021
    • June 2021
    • April 2021
    • March 2021
    • February 2021
    • December 2020
    • November 2020
    • September 2020
    • August 2020
    • July 2020
    • April 2020
    • March 2020
    • January 2020
    • December 2019
    • November 2019
    • October 2019
    • June 2019
    • May 2019
    • March 2019
    • December 2018
    • November 2018
    • October 2018
    • September 2018
    • July 2018
    • June 2018
    • May 2018
    • April 2018
    • March 2018
    • February 2018
    • January 2018
    • December 2017
    • October 2017
    • September 2017
    • August 2017
    • June 2017
    • May 2017
    • April 2017
    • March 2017
    • February 2017
    • December 2016
    • November 2016
    • October 2016
    • September 2016
    • August 2016
    • July 2016
    • June 2016
    • May 2016
    • April 2016
    • March 2016
    • February 2016
    • January 2016
    • December 2015
    • Home
    • Services
    • About us
      • Our People
      • Our story
      • Panels & Clients
    CourtHeath logo
    • Blog
    • UN Global Compact
    • Resources
      • Our policies
      • Documents
      • FAQ
    Linkedin     X Social
    • CONTACT US

    CourtHeath Consulting

    Level 30, 35 Collins Street.

    Melbourne 3000

    Contact No: 0421 167 746

    Email: info@courtheath.com.au

    Tram: Spring Street - Stop no 8


    Copyright 2021 © CourtHeath Consulting · Australia. All Rights Reserved.