Account security isn’t something that solely applies to your Stream account, it is good practice when using any digital service that you requires you to have some form of log in credentials.
We are a Cyber Essentials Certified Plus company, we take cyber security incredibly seriously.
In this article we will cover:
- Sharing Passwords
- How to create a secure password
- How to securely access cloud services
- What to do if your password is compromised
It is strongly recommended that you DO NOT share Stream accounts between multiple users.
Not only does it put your account at a greater risk of being compromised and impact account security, but it also removes the ability for you to interpret your Stream data correctly and build an accurate audit trail of who undertook actions in Stream including whilst using the Drivers App.
Stream’s subscription is priced per-vehicle, and so there is no limit to the number of individual user accounts that you can create within Stream.
It is therefore recommended that you create one user profile, per individual user, which has it’s own unique password created using the guidance detailed below.
How to create a secure password
Passwords should be secure, strong, secret and difficult to guess.
For this reason, we strongly recommend that passwords should:
- Use Multi Factor Authentication* (MFA) where available and practical
- Not be based on your personal information
- Be at least 12 characters long
- Contain three of the following four categories:
- Uppercase characters
- Lowercase characters
- Numbers
- Special characters ~!@#$%^&*_-+=`|\(){}[]:;”‘<>,.?/
- Be unique
- Not follow a particular keyboard pattern, such as ‘QWERTY’ or ‘123456’
- Not be stored in an easily accessible location
- Could be based on three memorable random words
- Example: ThreeRandomWords
Consider using a password generator and storage system e.g. Google Password Manager/LastPass or a secure document to store passwords.
*Multi-factor authentication will be available in Stream very soon!
How to securely access cloud services
Where available, multi factor authentication should be turned ON, especially for any cloud services being used. Most cloud services offer this option but it is not always the default setting so please apply it where it is offered.
Consider using an authenticator tool, such as Google Authenticator or Microsoft Authenticator.
What to do if your password is compromised
If you believe your passwords, user accounts or devices have been seriously compromised (especially physical devices, company Google account, Stream):
Switch off your laptop, PC, phone and any other devices that may have been compromised.
Contact your administrator to get the relevant account suspended or disabled.