Clear Screen Policy

A five minute coffee break can turn into an hour away from your desk. Meanwhile, your computer screen may be exposing sensitive data in plain view to all passerbys.

If your organization places any value on its sensitive information, a Clear Screen Policy should be implemented.

What is a Clear Screen Policy?

A clear screen policy directs all your organization’s employees to lock their computers when leaving their desk and to log off when leaving for an extended period of time.

This ensures that the contents of the computer screen are protected from prying eyes and the computer is protected from unauthorized use.

A clear screen policy and a clear desk policy work hand-in-hand to safeguard your organization’s information.

Why is a Clear Screen Policy Necessary?

With the popularity of open plan offices and sharing computer workstations, there is a greater need to safeguard your organization’s information.

In addition, a clear screen policy should be adopted because of the numerous benefits it can provide your organization.

Prevents Prying Eyes

Computers that are left logged on and unattended pose as a tempting target for prying eyes.

For example, many employees entrusted with sensitive information often leave documents open in plain view and leave their desk for breaks. An individual in your accounting department may leave a document open exposing the hourly wages of all employees in the office.

Prevents Unauthorized Access

A clear screen policy not only prevents curious passerbys from observing information they should not have access to, it also prevents unauthorized access.

Computers left unattended provide the opportunity for malicious data input, modification, or deletion, often to the worker’s blame.

ISO 27001/17799 Compliance

A clear screen and clear desk policy are necessary for ISO 27001/17799 compliance. Get a head start on compliance by implementing these policies as soon as possible.

Implementing a Clear Screen Policy

A clear screen policy is simple and practical to implement. Your employees should already be accustomed to logging off and/or shutting down their computer when leaving for the day, but few may lock their computers when leaving their desks, especially for short breaks.

A clear screen policy is most difficult to enforce in its infancy. However, once your organization stresses the importance of having a clear screen policy, your employees will eventually make it into a habit.

There are a few important tips to implement a clear screen policy.

Put it in Writing

A clear screen policy should be in writing and communicated to all employees, especially during introductory and refresher training. Have all employees sign the document for approval.

Encourage Keyboard Shortcuts

Pressing CTRL+ALT+DEL and clicking Lock this computer is straight-forward and simple. However, a windows key combination is yet much simpler. Press Windows Key + L and your computer will lock automatically.

Activate Screen Savers with Password Protection

Windows’ screen savers have a password protect option. When enabled, a screen saver can activate after moments of inactivity and ask for a password when activity is resumed. This is useful for employees who leave their desk and forget to lock their computers.

Use Commercial Software

Your organization can choose to purchase commercial software that offers features far beyond what Windows offers.

Lock My PC not only locks your computers, but also disables hot keys (including CTRL+ALT+DEL), the mouse, and the CD/DVD ROM trays. Moreover, the software’s “bulletproof startup lock” guarantees that if your computer is locked at startup, it cannot even be bypassed in safe mode.