When the Mice Are Away!

Human Security Risks: The Unattended Workstation

In working on our clients’ risk assessments, in addition to preparing our own assessment, one of the top “human” risks we find is an unattended workstation. An easy, cost-effective (no cost to you) mitigating control is simply to require that users either log out of or lock their computers when they walk away… either during the work day or at the close of business.

Unattended workstations could tempt individuals to read information left on the screen, or worse, to use inappropriate credentials to gain unauthorized access to information. Such an incident could cause a breach of confidentiality, a loss of valuable information, or data integrity problems. If an employee leaves a workstation logged on or unlocked, other employees, customers, a member of the cleaning crew, etc. could obtain unauthorized access to nonpublic information (NPI).

Your Acceptable Use Policy should require that users either lock their computers when they are unattended for short periods of time and log out of their computers when they will be gone for an extended period of time (if this doesn’t cause a conflict with updates).

To help you remind your employees to either lock or log out of their computers, here’s a security awareness reminder poster that you may print and either hand out to your employees or post it in conspicuous locations:    “When the Mice Are Away…”

Related Posts

Considerations – Why you should choose infotex, Inc. as your next MSOC!

Reasons why we should be considered! infotex provides a number of services that can be checked out if you click over to offerings.infotex.com! We even made a movie with all the reasons why infotex...

The Magnificent Seven 2023

Seven Trends . . . …that small bank Information Security Officers face in 2023 Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Welcom...

Cybersecurity Awareness Month Awareness Poster

About Services Audit & Assessment Policies & Procedures EDR/MDR/XDR Managed SIEM Consulting Services Network Monitoring Education Resource Library Webinars & Workshops V...