Core Logo Core Logo
 

Discover the benefits of using a single platform environment

click to read report
 
 

Outsourcing a managed support service

click to read report
 
click for more reports
click to email
Terms & Conditions

Privacy Policy

Click here, to download this white paper

2) How to warn off unauthorised users for all of your devices

The use of warning or logon banners for all access points into the corporate network is highly recommended. Mobile solutions should not be exceptions to the rule. Many phones and PDA’s now support the display of a message (of limited length) when the device is switched on.

The message should serve three main roles;

  1. Warn the user against unauthorised access. Ask them to check with an administrator for user rights before proceeding.
  2. Reiterate acceptable use policy. Before the user continues, ask them to be familiar with the company ‘use policy’.
  3. Notification of systems monitoring. So your data is protected and warns off those with inappropriate intent.

Displaying a logon warning message notifies an individual that their actions may be unauthorised and therefore prohibited. This makes it very difficult for a defendant to argue (either in internal disciplinary proceedings or legal prosecution) that they were not aware that their actions were prohibited.

The wording of the logon banner must be carefully crafted as it may have to stand-up to the rigours of tribunal or legal cross-examination. Ask your legal department to cross-check the wording to make sure you are in a strong position should any action be required.

The message should encompass the following 4 attributes:

  1. Avoid terms that indicate consent to access the system, i.e. “welcome”.
  2. Use short simple sentences, to make the message clear.
  3. Make it general, to cover undefined violations that may occur.
  4. Be concise, the message must fit a limited space.

An example of a logon security banner that is short enough to fit on a PDA, such as the HP IPAQ is;

WARNING: Use of this system is restricted and monitored. Unauthorised access or improper use is prohibited and may result in legal action.

There are many examples of logon banners available by searching the internet. These can be modified and you may want to consult with your company’s legal department on appropriate wording. It is likely that the logon banner displayed by your device will vary depending on the capacity of the device to display the message. Make use of higher character capacity where possible but remember to adhere to the above message attributes.

Remember; don’t expose your network. Make sure your mobile solution supports logon banners. Continue...
 
  © 2005 Core Technology Systems (UK) Limited. All rights reserved.
click to sign up
click to read about