Results 1 to 6 of 6

Thread: Front line security--screen savers

  1. #1
    Senior Member
    Join Date
    Sep 2003

    Front line security--screen savers

    Activating a password-protected screensaver on users' desktops often provides more protection from unauthorized access than by issuing them with strong network login passwords, according to TruSecure.

    The risk management company claims companies are wasting money on expensive security measures and procedures that can actually increase an organizations' vulnerability to attackers instead of reducing it.

    Jay Heiser, chief analyst at TruSecure, told ZDNet UK that most unauthorized access occurs inside an organization because users leave their desktops unattended and unprotected: "When someone sits down at a logged-in terminal they are able to rifle through that user's files and send or read their email. Screen-locking--activating a password-protected screensaver--is one of the most effective things you can do internally," he said.

    Heiser said that when users are given long and complicated passwords, they are more likely to write them down: "They are going to write them down on Post-it notes next to their monitor or stick them under the keyboard," he said.

    Research has found that companies are hit hard in the pocket when their employees forget their passwords and call the corporate helpdesk. Earlier this year, analyst group Meta calculated that each of these calls costs the company approximately US$25.

    According to Heiser, regardless of whether passwords are complex or simple, there are lots of tools available on the Web that can crack them. A better policy is to use a hardware device, such as a token or smartcard to reinforce access rights. He said: "You always know if your hardware has been stolen but you don't know if your password has been stolen."

    Heiser also dismissed the practice of updating antivirus signatures every day because it is a reactive action rather than a proactive one. "There is not a huge difference in updating antivirus signatures on a daily basis and on a monthly basis. Antivirus software is a band-aid--it isn't worth spending large amounts of time and effort optimizing it because there are other ways to reduce risk for a lower cost," he added.


    I find this quite funny that a screensaver password can be considered a great form of protection. I just want to know what the AO community thinks about this.
    AntiOnline Quick Forum Version 2b Click Here

  2. #2
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Redondo Beach, CA
    Ah but security is a series of tools and layers (it's like an onion --- no, not smelly... no, well, maybe makes you cry... Oh you know what I mean!!). Basically, a screen saver, especially on the admin side but just as much on the user side, can make it more difficult for a "malicious" type to put something on the machine, add a new admin or what-have-you.

    Anything that can slow down an attacker, IMHO, is a good thing. And even a simple screensaver can do just that..
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  3. #3
    Senior Member
    Join Date
    Aug 2003
    I would have to agree with you spools..as one who knows absolutely nothing, I can get around that.

    On the other hand, it might be just enough of a deterrent to cause someone to move on to the next box. Kind of like the difference between a door being open, and a door being closed..

  4. #4
    Senior Member
    Join Date
    Sep 2003
    This might be just me but just like the screensaver password, every security has a flaw. Eventhought some are easier than others, it is still possible to get around them. When you rely on one security program or type you leave yourself open to danger. Some people might not know how to get around it but i can assure you that someone can. For every other security program or type you add, you make it that much harder to get pass. Even if someone knows how to get past your first security they still have to crack the others. And i can assure you that very few people have the knowledge to crack multiple securities.

    To sum up my post... As small as a screensaver password might seem, it still has the power to slow down a cracker.
    AntiOnline Quick Forum Version 2b Click Here

  5. #5
    Junior Member
    Join Date
    Jun 2003
    I suggest to everyone who works inside my office to have a password protected screen saver and I completely agree with Mittens onion theory. The more security the better. And it's right on to say that if somebody is walking around and the person sees that your computer is just sitting there with Outlook (or whatever mail client) open that it is very tempting to look at.

    I also suggest that people lock their computers as soon as they go away from their desks.

    The one thing that I do tend to enforce is that our vpn users have more complex passwords.
    I am more worried about security of the people who are on the internet with broadband (even if they have a router/firewall) than I am about our internal networks being attacked from the outside.

  6. #6
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    On my network, (Win2k), the passwrod protected login screensaver is mandated in the domain security policy. When I first intsituted it the users pitched the proverbial bitch fit since it was set for 5 minutes..... My department got no end of calls and complaints that it was a pain and too short. I told them it was mandated and that it wouldn't change.... Then, after 2 days I changed it to 10 minutes and told no-one.... To this day this is my dirty little secret...well, one of many.... and I still maintain it is set for 5 minutes......
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts