Unattended workstations

Security policy requires logoff when unattended.
Automatically disconnect user after period of inactivity.
Require users to power off after hours.

Locally stored data

Security policy defines data that can be stored locally.
Security policy addresses back up of locally stored data.
Anti-virus software installed and current.
Anti-virus policy in place.
Sensitive data encrypted.
Data shredder used.
Remove “server” capability.

Local shares

Security policy prohibits local shares.

Workstation applications

Security policy addresses remote access/administration software.

Workstation operating systems

Known OS vulnerabilities are current and protected.
Current patches and upgrades loaded and tested.