Keep Your Data Safe: Unattended Workstation Standards

Keep Your Data Safe: Unattended Workstation Standards

By Sara Perry
Published On Sep 14, 2017

Ensure that your staff never leave a workstation unlocked or unattended. Each workstation contains access to your most precious assets: your member and organization’s data. While much focus is placed on cybersecurity efforts to prevent malware or viruses, it is equally important to focus on the individual using the workstation. A computer is the most vulnerable when a user that is logged into the network leaves it unattended. It is possible for unauthorized access to applications to result in changes to data, fraudulent use, installing malware, etc. One cannot know who is going to be in the vicinity of a workstation, especially in high traffic areas, such as a front desk or a welcome center. Workstations located near these areas especially need to be secured. We recommend the following unattended workstation standards:

  • When leaving a workstation unattended, even if only for a few minutes it is best practice to lock your workstation with a password
  • Implement a password protected screen saver to run after a period of inactivity. PCI (Payment Card Industry) compliance states 15 minutes if idle
  • If the workstation needs to be unattended, such as a check-in station, only allow access to that particular page with no additional permissions or access
  • At the end of each shift log off all applications, systems, and networks for your workstation.

About Daxko Cybersecurity

Our sophisticated architecture and stringent security policies protect our customers’ data from any outside intruders. Some of the ways Daxko keeps your data safe include:

  • Multi-tier data security architecture with Layer 7 Firewalls
  • Intrusion Detection System (IDS) providing 24/7/365 monitoring and alert escalation
  • Dedicated onsite security teams at each data center providing 24/7/365 support
  • Incident management and escalation teams with formal tested plans to quickly resolve any issues
  • All communication and application access occur via secure and encrypted channels, web and web services communication use the HTTPS protocol, and file transfers use SFTP
  • Access is tightly controlled, monitored, logged and limited to authorized team members.

Daxko is:

  • Certified at the highest Level of PCI DSS Level 1 – Global Registry of Validated Providers
  • Audited and Certified SSAE 18 (SOC 1)
  • Audited annually by a certified third party QSA (Quality Security Assessor)
  • Performing enterprise logging and scheduled penetration testing
  • Providing multi-vector, multi-site transactional monitoring and performance testing

Subscribe to our blog

Curated trends and resources, right to your inbox.

You Might Also Like