When talking about system security we concentrate on technologies and tactics network administrators can use to keep their organisation protected. While this focus is important, even a company specialising in security can neglect to remind employees and others of some basic security measures.
This post details some basic security techniques for keeping your network, your identity and your computer safe. Among these measures is locking your computer when you leave your work station. Many people forget to lock their desktop when they leave their desk, e.g., for a meeting. At smaller organisations where you know most if not all of your coworkers an open desktop might not seem like a threat. However I have heard plenty of stories of people not locking their computer, only to return and find they sent an email offering to purchase coffee for everyone in the office. While this example is rather harmless (and somewhat comical) it demonstrates how vulnerable we leave ourselves when we do not lock (or shut off) our computers. Anyone can access any information you have on your computer.
If you work in an industry with regulations about privacy (such as a hospital or financial institution), or if you possess sensitive information on your hard drive (revenue information, company information that is not yet public), leaving your computer unlocked could have serious consequences. It could cause you to lose your job, tarnish your employer’s reputation, require your employer to make monetary reparations (if customer data is stolen) and may even cause a legal battle.
As another extreme, someone who is malicious could even spread a virus or spyware on your computer and then it would appear as if the malware came from you. Locking your computer is a simple step toward protecting yourself and protecting your company’s network. Perhaps the worst thing that would ever happen is you offer to buy lunch for your entire office, but why chance it?
Get into the habit of locking your computer whenever you leave it for more than five minutes and if you forget the computer on a train or someone steals it you at least made it a little more difficult for someone to access your computer. Most operating systems allow you to establish setting that will automatically lock your desktop after the computer is inactive for a certain amount of time. Taking advantage of this setting will ensure your computer is locked even if you forget.