We definitely know who it is. And this person’s computer is not only in a very public location, they have very sensitive access.
It sounds like there really isn’t much that can be done about this currently, but I suspect it’s a pretty new issue so that’s likely not helping. User Education and cautioning people on the perils of leaving an unlocked workstation while being culpable for what happens under your login account is the best we can do, though we’ve been doing that for years, and this person should really know better. What happens or doesn’t happen isn’t up to me, nor should it be, I’m just trying to find a way to prevent it from becoming an actual breach. Fun stuff.
LOL nothing you are saying is wrong, let’s put it that way.
EDIT - The concern though is if other users are or start doing it. I can’t very well walk around and spot check every USB port on every device in the building.
I thought about trying to do it by GUID, but there are so many variants out there. It’s a tough one for sure. You’d think users would want the extra protection against someone using their account to breech information? But you’d be wrong.
I seem to recall some sort of physical port blocking when I worked for A Major Bank handling sensitive customer info.
Wonder if that (and the padlocked-shut computer case that had never been cleaned before) contributed to the hellish overheating that eventually cooked my terminal to death and bought me a free day while IT scrounged up a replacement.
Would be kind of funny to shut down their ports and wait for them to come in/file a support ticket, then use that opportunity as a teachable moment, so to speak.
I did make a joke about taking a picture of the Jiggler and positing it on some of the common area walls. “Is this your Jiggler? Please report to HR to retrieve it! Bring your badge and keys.”
Fire people who use them? I mean, if you’re an adult in a professional situation and you can’t stop yourself from using prohibited hardware on company equipment to defeat reasonable security features, then you don’t need to be working there.
The bank where I work has locked the USB ports with software. called device lock or something similar. I can plug in anything but it won’t work. We use PS2 mice only.
This scenario rings false. Waving a badge to unlock a PC is not unreasonable, and certainly not the sort of thing that would drive users into researching workarounds, spending money on workarounds, and implementing workarounds.
I suspect there’s more here that either you aren’t sharing or don’t know. Users do not start working around security policies because they are childish little jerks. Users start working around security policies when said policies become a serious drag on productivity or make their lives miserable for no (user-apparent) reason.
Mouse wigglers strike me as a symptom of a larger issue here. Either the value of security is not apparent to the users or the side effects of the security are causing serious pain. Quite likely both.
I’d suggest that there’s a lot more mileage to be had by treating the problem, not the symptom.
Well, I have Caffeine on all the staff laptops here at a State University because for whatever reason, the Thing that Powerpoint/Google Slides/etc. are supposed to do to dampen automatic screen-locks doesn’t always work (according to the staff I work with). So, since it’s embarrassing to have a screen go black in the middle of a presentation, I just keep the software handy to turn on for 2-4 hours before they start projecting anything.
It is not false, what a strange post you made? All I can say is, it frustrates the shit out of me this person can’t just badge in when they get back to their workstation like everyone else. I’ve timed it, the active session gets re-connected and the’re right back to the desktop in less than 8 or so seconds. This person is just that impatient.
Anyway, thanks everyone for the posts - it sounds like the answer to my initial question on if there is anything that can be done about physical Mouse Jigglers is… no, not really. Not yet, at any rate. User education is about all we have, and that’s been implemented now. Thanks again.
