Lock it Up!
Who do you think is the greatest computer security threat to you or the company you work for? You might think first of hackers, public wireless networks, or phishing emails. The shocking truth is that the greatest security threat is you. Yes, you, dear reader, are the only person with access to all your documents. Only you have all your passwords saved to your laptop each day.
For a hacker, a phishing email, or a ne’er-do-well on public WiFi to be effective, they need to get access to a username and password you have. I bring this up for one important reason: to encourage you to lock your workstation (almost) every time you step away from your computer. Now, many of you probably work in enclosed offices, behind locked doors, or even from your own home. And while that reduces the chances, anyone could walk up to your machine with ill will.
Even if the chance is low because your physical space is secure, it’s hard to say just how helpful it is to lock your screen. You may have noticed that you don’t have to sign into Outlook when you come back from lunch, and Teams is still running while you run to the bathroom. This is all based on something called “caching” - a process by which your password and username are saved on your machine for a certain amount of time for your convenience. This also applies to file sharing services like SharePoint and Dropbox. If someone can get into your unlocked laptop, they are, for all intents and purposes, you.
This gets even worse if you consider any personal logins you store on your computer. Does your browser remember the password to your bank? How about your personal email? If someone gets on your unlocked laptop for a few minutes, they could do a lot of damage. But if your screen is locked, then any would-be bad actor would need at least your PIN or a biometric to get in.
How do you go about locking your screen every time? Well, you’ll probably need a keyboard shortcut to lock your screen. For Windows machines, hold the Windows Key + L. For Macs, use Control+Command+Q. It’s great to build the habit of pressing that shortcut quickly as you step away for any duration of time. An attacker only needs a few seconds.
The drawback to this strategy is that once you come back from the bathroom or lunch, you will need to log in every time, and you might get tired of typing your password. Depending on your organization’s settings, there could be a way to speed that up.
For Windows:
You can setup a PIN or Windows Hello (on applicable models and usually not with webcams) by using the linked guide. These options allow you to confirm the person using your laptop is you way faster than using a password.
For Mac:
I have sad news on the Mac front - no short PINs, says Apple. However, we have a few fast options. The best one is using Touch ID, which is available on most new MacBooks and some Apple keyboards.
If you’re using a docked laptop, you’d have to open your device, which would not be much faster. Thankfully, we have one other option: here is a guide from Apple to unlock your Mac automagically by using your unlocked Apple Watch to confirm your identity!
Stay safe out there and lock your laptop!