If only all Security messages could be this clear ¦ What will it take to get users to lock their desktops?
Note: I took this picture myself - it's not a fake.
Clearly we don't want to use scare tactics for Information Security but my ongoing frustration with users who fail to bother locking their PC desktop sessions when leaving their machines unattended makes me wish perhaps we could be more direct:
"Do NOT Leave you machine unlocked whilst it's unattended as someone nasty may come along and commit crimes and embarrasing activities in your name using your electronic identity"
- OK so it's hardly eloquent but you get the idea.
Comments
- Anonymous
January 01, 2003
Can't sleep, so thought I'd blog. oh well...
I've been meaning to post this for a while actually, so... - Anonymous
January 01, 2003
July 10, 2006 Good Morning: Top of the news this AM is InformationWeek's global security survey. They talking to 2000 or so folks and gathered some interesting statistics. Things are too complex, duh! Folks continue to have issues with malware, - Anonymous
July 07, 2006
The comment has been removed - Anonymous
July 08, 2006
That's some sign but yeah I couldent agree more with you, but the fact is that some users will just not learn! :( - Anonymous
July 11, 2006
Last year in India as I approached the airport in Delhi I saw the best sign ever. It said: "SECURITY FOR INCONVENIENCE"
omg I laughed so loudly! Alas, the battery in my camera was dead! - Anonymous
July 13, 2006
OK, so why not just set their screensaver timeout to 5 minutes, it keeps people clicking!! to stop it locking......... - Anonymous
July 19, 2006
We have a 15 minute screen saver / lock out setting here. Some of us have limited it to even 5 minutes but it does not matter. As infrastructure engineers we always try to catch eachother off gaurd. You can literally turn around for 10 seconds and someone will slide in beside you and ninja out an email offering to take over everyones projects. I think short lock out times are useful, but you will never be able to completely eliminate the ability for another user to access that machine... not as long as people themselves are required physical integration. Physical access is after all, the end all be all of computer security. Sweet sign though... it is right up there with a park bench that just said "SWEET!". - Anonymous
July 20, 2006
Jordan> I find that general users get frustrated if the screen lock's set to such a short interval as it tends to lock when they're on the telephone or discussing with team mates. Using competition as you've described is a really good idea.
@ MSFT out computer use policy states that we're not allowed to tamper with each other's machines even if the vulnerable machine was the result of a careless user. - Anonymous
July 20, 2006
The comment has been removed - Anonymous
July 24, 2006
What we need is an RFID tag in employees ID badges, and a proximity sensor (perhaps in the keyboard - similar to current biometric keyboards). Step away from the keyboard more than a few feet, and the session is locked.
I'm sure this is do-able.....? - Anonymous
July 25, 2006
Martin> Such devices exist - I have one. They provide a possible form of identification though rarely do they provide authentication - being near to your PC is enough. Being in a different room or outside your office can be enough to trigger the unlock function.
I bought mine out of curiosity - I don't use it. - Anonymous
July 25, 2006
The comment has been removed