People think Im joking when I say to them that they need to protect the users from themselves.
A couple of weeks ago I was travelling through Seattle and while waiting in the lounge there I saw this sad situation. Yes its an abandoned laptop. Its owner has taken off upstairs for a drink - unfortunately he also left his screen unlocked for anyone to access. Want a turn anyone?? :)
Unfortunately its something that's all too common - laptops abandoned in airports and public places.
What can you do to prevent this?
1. EDUCATE YOUR USERS! I've said it before. Nothing replaces a good user education. They need to be told just how serious it is to leave a machine like this and what the data theft implications are aside from physical theft of the machine itself. (Note: BitLocker cant protect the user in this situation)
2. Reinforce through policy. How many years has screensaver timeout policy been in the product? Set a reasonable screen save timeout that forces them to logon again once it activates. Its just good layered security that minimises (though doesn't eliminate) risk.
Any of you have good stories to share on this? :)
I heard this story once of a Brigadier that left a highly-sensitive report in a qantas club computer :)
My favorite "goating" of unlocked computers is running clippy.exe see http://www.codinghorror.com/blog/archives/000997.html
Yeah I saw that report leakage issue - and theres been plenty of other data leakage issues such as USB keys holding sensitive content being lost. In those instances using Rights Management can help. Again its not a silver bullet to data leakage but at the very least the data isnt in the clear and should the actual file leak - noone can read it.
I think this photo neatly sums up the unfortunate axiom of computer and data security:
"Your users will never care about security as much as you do."
Absolutely correct Gavin! Another reason why you need to help them care by enforcing the caring! :)
I read this article from Angus today with much amusement. Apparently Vista is more insecure than Windows