Screensavers and Locked Screens: In the past, one of the common ways to gain access to a system to simply look around for an unattended system.
In many cases, the system would be left logged in and unlocked by a user who was going to step away “for a moment” without realizing that a moment was enough for an attacker to cause mischief or worse.
To thwart intruders from attempting to use an unattended system, you can use a password-protected screensavers or a locked console.
The older of these two mechanisms is the password –protected screensavers. Its popularity comes from the fact that it is easy to implement and will stop many a casual intruder.
The concept is simple: When a user leaves a system idle for too long, the screensaver starts and, once it does, only a password can deactivate it.
In most cases, someone walking by wiggling a mouse or tapping the keyboard will be prompted for a password, usually providing a deterrent sufficient to stop any further attempts.
Working alongside or instead of screensavers is the newer and more preferred lock screen. This screen, when available on a given operating system, will actively lock the desktop until a password and username are entered into the system.
The benefit of this mechanism over screensaver mechanisms is that it provides a much more secure way of locking a computer than a simple screensaver, which provides minimal protection.
In a Windows environment, pressing Ctrl+Alt+Del will lock the screen manually, while a system administrator can deploy a policy that will lock the system automatically after a defined period.
It is important, however, to make sure that users understand that locking the screen automatically does not absolve them of any responsibility for making sure they log out properly.
NOTE: In some environment, smart cards are issued in addition to standard usernames and passwords. The smart card must be inserted into a reader on the system prior to logging into the desktop.
Another mechanism for protecting or defending a system in the use of warning banners.
When a place, a warning banner provides a high-profile message stating that a user of system will be held accountable for their actions as well as consent to other things such as monitoring.
In addition, warning banners establish what is and is not acceptable on a system and set the stage legally if any sort of action needs to be taken against a user, such as termination of employment.
The following is an example of a warning banner:
This is a (Agency) computer system. (Agency) computer systems are provided for the processing of Official U.S Government information only.
All data contained on (Agency) computer system is owned by the (Agency) and may be monitored, intercepted, recorded, read, copied, or captured in any manner and disclosed in any manner, by authorized personnel.
THERE IS NO RIGHT OF PRIVACY IN THIS SYTEM.
System personnel may give to law enforcement officials any potential evidence of crime found on (Agency) computer system.
USE OF THIS SYSTEM BY ANY USER, AUTHORIZED OR UNAUTHORIZED, CONSITITUES CONSENT TO THIS MONITORING, INTERCEPTION, RECORDING, READING, COPYING, OR CAPTURING and DISCLOSURE.
Although different companies and organization will use different warning banners, the intent is generally the same: to inform users that they are being monitored.