What should you do when a coworker leaves their computer logged in and unattended?
Most companies have written policies (sometimes automatically enforced) that dictate a minimum time after which a password-protected screen saver has to be triggered, but to keep the system usable that timeout in my experience is often 10-15 minutes; better than nothing, but still quite a while to leave a computer unprotected.
Responsible colleagues will see an unlocked computer and, wanting to protect valuable corporate information, will sometimes want to take action to resolve this heinous occurrence. But what action should they take?
A good coworker will probably do the responsible thing, approach your computer and engage the screen saver for you. Windows makes this very easy – Windows-L does the trick nice and quickly for example. This is the “proper” response.
At one company my standard response for a while was to open up a full screen Notepad window and type a message in it along these lines, using whatever official-sounding company-specific terms would make it as plausible-sounding as possible:
WARNING: Your computer has been left unattended and unlocked in contravention of the Corporate Security Policy. This incident has been noted and forwarded to your manager for processing. When you read this message please immediately contact Corporate Security on x1234.
And then I would lock the computer, like a good drone should. This had a roughly 50% success rate of getting the victim to call the Security team who would undoubtedly spend a few minutes trying to figure out why on earth the victim was calling them and what on earth they were talking about, during which time everybody who knew what had happened was trying to stifle their laughter, often quite badly.
The Downright Hilarious
The funniest solution I’ve seen mixes direct punishment with peer pressure to both make a point and to attempt to change future behavior.
You know when a victim has been discovered because “they” send an email to the group distribution list with the Subject “I feel pretty…” The body of the email usually contains “Oh so pretty!” The response to seeing such an email usually starts with “Oh jeez, not again…” and can deteriorate rapidly downhill from there, especially for repeat offenders.
I have no idea which genius came up with this, but every time I have seen one of those emails I have laughed out loud and been cruelly ear-wormed with that song. It’s the perfect solution to a common problem. Naturally, once the email has been sent, the victim’s computer is locked for them, so both humiliation and security see a win.
What do you do? I need more ideas, because this isn’t a problem that’s going to go away quickly!