A security administrator has been tasked with improving the overall security posture related to desktop machines on the network.
An auditor has recently found that several machines with confidential customer information displayed on the screens are left unattended during the course of the day.
Which of the following could the security administrator implement to reduce the risk associated with the finding?
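A. Implement a clean desk policy
B. Security training to prevent shoulder surfing
C. Enable group policy-based screensaver timeouts
D. Install privacy screens on monitors
Correct answer: C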
The security administrator has been tasked with improving the security posture of desktop machines on the network, specifically addressing the issue of unattended desktops displaying confidential customer information. There are several options available to reduce the risk associated with this finding.
A. Implement a clean desk policy: This policy requires employees to keep their desks and work areas clean and free of confidential documents, passwords, or other sensitive information when they are not present. This policy can reduce the risk of unauthorized access or theft of confidential data from unattended workstations. However, this policy does not address the specific issue of confidential customer information displayed on desktop screens.
B. Security training to prevent shoulder surfing: This training can help employees become aware of the risks associated with unsecured screens and how to protect confidential information from being viewed by unauthorized individuals. This option is a good way to reduce the risk associated with the finding, as it directly addresses the issue of unattended desktops displaying confidential information.
C. Enable group policy-based screensaver timeouts: This option can help reduce the risk of unauthorized access to confidential data by automatically locking desktop screens when they have not been in use for a certain amount of time. This option is a good way to reduce the risk associated with the finding, as it directly addresses the issue of unattended desktops displaying confidential information.
D. Install privacy screens on monitors: This option can be useful in preventing unauthorized individuals from viewing confidential data. However, this option does not address the issue of unattended desktops displaying confidential information.
Therefore, options B and C are the best choices to reduce the risk associated with the finding. Security training and group policy-based screensaver timeouts will help ensure that confidential data is not left unprotected on unattended desktops.
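
To confirm that the screensaver timeout from option C is actually in effect on a desktop, the following added example (not part of the original question) audits the per-user registry values that the Group Policy screen saver settings write. The function name `Test-ScreenLockPolicy` and the 900-second limit are assumptions chosen for illustration.

```powershell
# Added example: audits the screen saver lock policy applied to the current user.
# Group Policy (User Configuration > Administrative Templates > Control Panel >
# Personalization) stores these settings as string values under the key below.
function Test-ScreenLockPolicy {
    [CmdletBinding()]
    param(
        # Longest idle time allowed before the screen locks (assumed threshold)
        [int]$MaxTimeoutSeconds = 900,
        [string]$PolicyPath = 'HKCU:\Software\Policies\Microsoft\Windows\Control Panel\Desktop'
    )

    $findings = [System.Collections.Generic.List[string]]::new()
    $values = Get-ItemProperty -Path $PolicyPath -ErrorAction SilentlyContinue

    if (-not $values) {
        # Key missing or empty: the user can change or disable the screen saver.
        $findings.Add('No screen saver policy is applied to this user.')
    }
    else {
        if ($values.ScreenSaveActive -ne '1') {
            $findings.Add('Screen saver is not enforced (ScreenSaveActive is not 1).')
        }
        if ($values.ScreenSaverIsSecure -ne '1') {
            # Without this value the screen saver starts but does not lock the session.
            $findings.Add('Password on resume is not enforced (ScreenSaverIsSecure is not 1).')
        }
        $timeout = 0
        $parsed = [int]::TryParse([string]$values.ScreenSaveTimeOut, [ref]$timeout)
        if (-not $parsed -or $timeout -le 0) {
            $findings.Add('No valid timeout is set (ScreenSaveTimeOut).')
        }
        elseif ($timeout -gt $MaxTimeoutSeconds) {
            $findings.Add("Timeout of $timeout seconds exceeds the $MaxTimeoutSeconds second limit.")
        }
    }

    [pscustomobject]@{
        ComputerName = $env:COMPUTERNAME
        UserName     = $env:USERNAME
        Compliant    = ($findings.Count -eq 0)
        Findings     = $findings -join ' '
    }
}

Test-ScreenLockPolicy
```

Run it in the logged-on user's session, since the policy is stored per user; a result with `Compliant` set to `False` lists which of the three settings is missing or too permissive.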