(I haven’t posted in a while, since I meant to do a post about various apps a security professional might want on their Windows Mobile/Pocket PC phone. Aside from other engagements, I’ve just been having too much fun playing with the different programs available for my phone to actually write anything down. It’s very addictive, but I promise you’ll see the fruits of all the tinkering on here soon. Really . )
Most security conscious people make use of their operating system’s “Lock Workstation”, “Lock Screen”, or similar locking functionality whenever they need to step away from their computer for a moment. It’s convenient, since all of your programs are still running and sitting there just like you left them, unlike having to start from a clean slate by logging out and back in. Some people may have picked up on using this security feature, due to an office culture of pranks (such as humorous wallpapers) pulled on those who leave their computers unattended. If your organization’s policy doesn’t put a damper on such pranks already, it can be an effective way (though not necessarily the best way ) to get people to lock their screens.
One important aspect of screen-locking that people don’t normally consider is the environment in which the screen will be unlocked. If you’re sitting at your desk working on a confidential document and someone walks into your office, you can minimize the document before they see it (if you can’t, rearrange your office!). However, if someone is already in your office, followed you in during a discussion, or is otherwise in viewing range of your screen when you sit down to unlock your session, it will be a race for you to minimize the sensitive data once you have unlocked, and the chances of a glimpse are much higher. This can be an even more serious issue, when it comes to laptops, where the situations they are locked and unlocked in may vary greatly as they are carried around (imagine a worst case scenario of it being unlocked while hooked up to a projector).
So what do you do? You make a habit of hitting the “show desktop” (or equivalent) button to minimize everything before locking your screen. Then, once you unlock, you can selectively bring applications back up from minimization, as the situation allows.
As the title advertises, it’s a little thing. However, it doesn’t take much time, it’s easy to explain to your users, and can prevent some cases of accidental disclosure.