For years, analysts have been reporting on the risks of unattended employee workstations. For example, a user who sits down at a co-worker’s PC could access sensitive data, send email from the PC owner’s account or even introduce malware into the network. To make matters worse, such misuse of an unattended workstation is difficult to detect and prove.
Don’t Rely on Employee Policies Alone
The first step in protecting your organization from these risks is to establish clear policies and educate users about them. In particular, make sure users understand:
In addition, if a workstation’s primary function is to process data while unattended, the organization should consider moving it to a physically secure area.
For More Effective Security, Supplement Policies with Technology
However, it’s unrealistic to rely on these policies to deliver the comprehensive security you need. Users forget to lock their PCs, or don’t realize how important it is to do so even for a short break, and they dislike having to log back in when they return.
Therefore, it’s critical to supplement your employee policies with technology that automates many of the tasks involved. In particular, you should:
To learn more about securing your organization’s workstations, register for an on-demand webcast, “12 Security Controls for Workstations,” hosted by Windows security guru and Microsoft MVP Randy Franklin Smith.