Writing

Software, technology, sysadmin war stories, and more. Feed
Thursday, March 29, 2012

Lock your screen, or just do this

I saw more than horrible SQL abuses while I was wedged into an office with three other people working on that LAMP project. I also saw some particularly dubious security failures.

There was a company policy which is not new, special, or even that interesting: lock your screen. It's a simple thing to do and then to undo when you return to your desk. It also thwarts the usual problems of trying to determine who was doing something from a given workstation machine's console.

My desk was positioned such that I could see a few other desks in my peripheral vision. One guy never locked his screen, so I commented on it once or twice. There were web pages you could load up when someone did this and it would put them on a scoreboard. I never did that to him, but I commented that it would be trivial to do.

He did in fact change his behavior in response to this. It did not involve locking his screen, though.

Nope.

He started turning off his monitor when he'd stand up. Yep, it must have been locked, since it was clearly in power-saving mode!

It was funny to watch this backfire, since he'd come back in, reach for the power button, and wind up turning it back off if he had forgotten to shut it down prior to leaving.

Just think, you can do the right thing, or you can come up with something stupid to "put me in my place", and wind up making more work for yourself in the process.

Bravo.