During a virtual meeting scheduled for the project team, a colleague mentions that they are using their personal device to access the video conferencing platform and that they have shared their password with another team member. What is the most appropriate action according to best security and compliance practices in the public sector digital environment?