Keep Your Data Safe: Unattended Workstation Standards

September 14, 2017 Steve K.

Ensure that your staff never leave a workstation unlocked or unattended. Each workstation contains access to your most precious assets: your member and organization’s data. While much focus is placed on cybersecurity efforts to prevent malware or viruses, it is equally important to focus on the individual using the workstation. A computer is the most vulnerable when a user that is logged into the network leaves it unattended. It is possible for unauthorized access to applications to result in changes to data, fraudulent use, installing malware, etc. One cannot know who is going to be in the vicinity of a workstation, especially in high traffic areas, such as a front desk or a welcome center. Workstations located near these areas especially need to be secured. We recommend the following unattended workstation standards:

  • When leaving a workstation unattended, even if only for a few minutes it is best practice to lock your workstation with a password
  • Implement a password protected screen saver to run after a period of inactivity. PCI (Payment Card Industry) compliance states 15 minutes if idle
  • If the workstation needs to be unattended, such as a check-in station, only allow access to that particular page with no additional permissions or access
  • At the end of each shift log off all applications, systems, and networks for your workstation.

About Daxko Cybersecurity

Our sophisticated architecture and stringent security policies protect our customers’ data from any outside intruders. Some of the ways Daxko keeps your data safe include:

  • Multi-tier data security architecture with Layer 7 Firewalls
  • Intrusion Detection System (IDS) providing 24/7/365 monitoring and alert escalation
  • Dedicated onsite security teams at each data center providing 24/7/365 support
  • Incident management and escalation teams with formal tested plans to quickly resolve any issues
  • All communication and application access occur via secure and encrypted channels, web and web services communication use the HTTPS protocol, and file transfers use SFTP
  • Access is tightly controlled, monitored, logged and limited to authorized team members.

Daxko is:

  • Certified at the highest Level of PCI DSS Level 1 – Global Registry of Validated Providers
  • Audited and Certified SSAE 18 (SOC 1)
  • Audited annually by a certified third party QSA (Quality Security Assessor)
  • Performing enterprise logging and scheduled penetration testing
  • Providing multi-vector, multi-site transactional monitoring and performance testing

Previous Video
Decision Analytics Podcast
Decision Analytics Podcast

Join us as Daxko Lead Generation Manager Allison Ferrell speaks with Daxko's Senior Product Manager over Da...

Next Tweet
Daxko
Daxko

We're excited to welcome Bjørn (pronounced “B-yearn”) @Daxko as CTO. Find out more: https://t.co/Em0rW4Tczq...

×

Ready to Connect with Daxko?

First Name
Last Name
Phone Number
Company Name
Tell us more...
Success!
Error - something went wrong!