A “clean screen” policy is a common control. The risk is of people gaining unauthorized access to systems and information by shoulder surfing or popping onto a computer that someone left logged in. To mitigate, a screensaver can be set to lock the computer after so many minutes of inactivity. Ideally, people work on the computer and the screensaver does not kick in. They stop, the computer locks, and the screen is clean.
The challenge for employees is that the screensaver may come on at inopportune times. For example, when giving presentations or when watching a training video. During these situations the person is using their computer but not actually causing activity.
Not surprisingly, people have started finding hacks to prevent the screensaver from coming on. WiebeTech, for instance, sells a Mouse Jiggler. “Prevents a computer from going to sleep while you work or play. Constant mouse activity prevents sleep mode and screen savers (and their password prompts).”
The workaround for the workaround is to disable device drivers. But this requires configuration management software that may be beyond the budget of many IT/InfoSe teams.
Anyone have other ideas of how to mitigate Mouse Jiggler?
Wolfgang
PS: Also, check out WiebeTech’s HotPlug. This allows someone to switch a running PC or server from a power outlet to a battery pack. They pitch it for forensics as a way to confiscate a running computer. “We created this product for our Government/Forensic customers … allows hot seizure and removal of computers from the field to anywhere else on the planet.”