- Unauthorised access to an unattended workstation can result in harmful or fraudulent entries, e.g. modification of data, fraudulent e-mail use, etc.
- Make it mandatory to log off or, at least, 'Lock Workstation' or 'Lock Computer' when leaving a workstation unattended - even for a few minutes.
- Implement an automatic (password protected) screen saver to run after a fixed time period of inactivity - say 1 minute.
- Move the workstation to a secure area if its primary function is to process data while unattended. See Preparing Premises to Site Computers and Physical Access Controls.
- For higher risk systems, and in addition to restricted physical access, consider further safeguards such as smart cards or biometric controls.
- Implement a clear screen policy throughout your organisation to avoid opportunistic shoulder surfing.
- Consider configuring the software program and network sessions to 'timeout' after a reasonable period of inactivity. See also Managing Network Access Controls.
- In higher risk areas, or with sensitive information, consider applying disciplinary procedures.
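As an added example that is not part of the original guidance, the PowerShell audit below checks whether a Windows workstation's password-protected screen saver and machine inactivity limit meet the 1-minute threshold suggested above. The registry locations are the standard Windows ones for these settings; the 60-second threshold is an assumption taken from the text.

```powershell
# Added example: audit the screen lock settings of the current user and machine.
# Assumes a Windows host; $MaxIdleSeconds is the page's "say 1 minute" (assumption).
$MaxIdleSeconds = 60

function Get-RegValue {
    param([string]$Path, [string]$Name)
    # Return $null when the key or value is missing instead of throwing.
    try { (Get-ItemProperty -Path $Path -Name $Name -ErrorAction Stop).$Name }
    catch { $null }
}

function Test-ScreenLockPolicy {
    param([int]$MaxIdleSeconds = 60)
    $findings = @()

    # Group Policy values override the per-user settings, so read the policy hive first.
    $hives = @(
        'HKCU:\Software\Policies\Microsoft\Windows\Control Panel\Desktop',
        'HKCU:\Control Panel\Desktop'
    )
    $source = $hives | Where-Object { $null -ne (Get-RegValue $_ 'ScreenSaveActive') } | Select-Object -First 1
    if (-not $source) {
        $findings += 'no screen saver settings found'
    } else {
        $active  = Get-RegValue $source 'ScreenSaveActive'     # "1" = screen saver on
        $secure  = Get-RegValue $source 'ScreenSaverIsSecure'  # "1" = password required on resume
        $timeout = Get-RegValue $source 'ScreenSaveTimeOut'    # idle seconds before it starts
        if ($active -ne '1') { $findings += "screen saver disabled ($source)" }
        if ($secure -ne '1') { $findings += "screen saver does not require a password ($source)" }
        if (-not $timeout -or [int]$timeout -le 0 -or [int]$timeout -gt $MaxIdleSeconds) {
            $findings += "screen saver timeout is '$timeout' s; policy allows at most $MaxIdleSeconds s"
        }
    }

    # Machine-wide "Interactive logon: Machine inactivity limit" (locks regardless of screen saver).
    $inactivity = Get-RegValue 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System' 'InactivityTimeoutSecs'
    if (-not $inactivity -or [int]$inactivity -gt $MaxIdleSeconds) {
        $findings += "machine inactivity limit is '$inactivity' s; policy allows at most $MaxIdleSeconds s"
    }

    [pscustomobject]@{
        Compliant = ($findings.Count -eq 0)
        Findings  = $findings
    }
}

Test-ScreenLockPolicy -MaxIdleSeconds $MaxIdleSeconds | Format-List
```

Run it under each user account you need to verify, since the screen saver values are per-user while the inactivity limit is machine-wide.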