Securing Unattended Workstations

IT Services has applied a password-protected screen saver to all Active Directory workstations. The inactivity period has been set to the maximum allowed time set by state policy of 30 minutes.

Please be sure to log out of the workstations when you leave, especially in public labs and areas where workstations are typically shared.  This may prove challenging in student computer labs; be sure to remind students to log out before they leave.  If you don’t log out, the next person who uses the computer could have access to your files and email.

IT Services may have to decrease the inactivity period before the password-protected screen saver activates if we get reports of unattended workstations.  Keeping our computing environment safe is everyone’s responsibility.

Below is an excerpt of the North Carolina Statewide Information Security Manual.   For those who would like to read it, here’s the link to the full document:

Statewide Information Security Manual (April 20 2012)

 

020103 Securing Unattended Work Stations
Purpose: To prevent unauthorized system access.
STANDARD
Workstations shall be safeguarded from unauthorized access — especially when left unattended. Each agency shall be responsible for configuring all workstations to require a password-protected screen saver after a maximum of thirty (30) minutes of inactivity. Users shall not disable the password-protected configuration specifications established by their agency. Users shall lock their workstations when leaving them unattended.