The “IT and Freedoms” law requires organizations implementing files to guarantee the security of the data that are processed there. This requirement translates into a set of measures that file holders must implement, primarily through their information systems (IS) or IT manager.

 Adopt a strict password policy

Access to a computer workstation or file by username and password is the first of the protections. The password must be individual, difficult to guess and remain secret. It must not be written on any medium. The IT department or the IT manager will have to set up a strict password management policy: a password must include at least 8 characters including digits, letters and special characters and must be renewed frequently (for example every 3 months) . The system must force the user to choose a password different from the three that he used previously. Usually assigned by the system administrator, the password must be changed by the user from the first login. Finally,