Internal:Technology access policy amendment

The Technology Access Policy is amended by striking Article III, Paragraph 2 and inserting:

2. Standards for Tools. Software platforms used by the Corporation to collect or store Sensitive PII ("Sensitive PII Tool") shall adhere to the following standards:
 * (a) Individual Access . Access shall be allocated to individual user accounts, not accounts shared among individuals. The President may make exceptions for specific tools if the President determines that no feasible alternative exists.
 * (b) HTTP Connection . Web-based tools shall only be accessed over HTTPS. Tools that do not support access over HTTPS shall not be used by the Corporation.
 * (c) Two-Factor Authentication . It is the policy of the Corporation to prefer tools that support two-factor authentication.
 * (d) Public-Key Authentication . Accounts on Corporation servers shall only be accessed through public-key authentication.