Employee adoption is always a challenge. There are multiple ways to help your employees adopt a different and enhanced way of logging in.
1. Policy
Inactivity timeout policies should be as short as possible to reduce risk. Start by making your timeout policy shorter. Try making the inactivity timeout policy one minute long to show users that they need to start using GateKeeper to avoid having to constantly log back in manually. This is useful before deploying GateKeeper to increase security and help users see the need for a faster login method.
Some companies choose to make the security of their computers/data a company policy that each employee must sign. Sometimes, there is even a fine for misplacing a key fob.
Admins will select certain settings for employees to ensure that they keep their tokens on them. When an employee must access several computers, carrying the password token is naturally and beneficial. However, for employees that don't travel between workstations often, they may tend to leave their key fob at their desk. This is considered a security risk/policy violation in many companies, similar to leaving a CAC card in a computer when a government employee is away from their computer.
Admins can also choose to make GateKeeper the only login method (not allow typing Windows passwords) so that all employees must use GateKeepers to log in.
Enabling the Inactivity Lock Method, Hub admins can enable an activity timeout. The GateKeeper software will lock the computer if the user is inactive for the specified time (no keyboard or mouse activity), even if the user's token is within the unlock range. See the steps below for enabling the Inactivity Lock Method through the GateKeeper Hub.
1. Log in to the GateKeeper Hub using your admin credentials.
2. On the left side of the dashboard, click the Groups Settings tab.
3. Click the Manage Settings button under Actions for the Group of computers and users you want to apply the inactivity timeout.
4. On the side-panel, under the Lock Settings tab expand the drop-down menu next to Inactivity Lock Method. Select either Lock Workstation, Disconnection Session, or Logout.
Click here for a detailed explanation of each lock method.
5. From the drop-down menu, select either seconds or minutes. Then in the number field, input how long after the user has been inactive before locking the computer.
6. At the bottom of the side-panel, click the Save Changes button.
7. In the upper right-hand corner of the side-panel, click the X. Done!
2. Training
Most companies make training on how to use GateKeeper mandatory for employees. This can take the form of a webinar, in-person meeting, or providing user guides.
For admins, learn how to deploy and use GateKeeper at your organization with the GateKeeper Enterprise training courses for Admins.
3. Provide Lanyards, Badge Holders, or Key rings
Your password token key fob should be treated like any other key - your house key, car key, office key, garage key - all the same. If you lose your key, it's never good. Would you leave your house key in the front door every time you leave just because it was more convenient? No. Provide employees with lanyards, badge holders, and/or keyrings. This will provide employees with a sound method of keeping the key on their person.
4. Help from Peers
If employees have a problem with leaving their tokens at their desk, encourage neighbors to help each other watch out for unattended tokens. In the same way an employee may have left their CAC card in their computer, unattended tokens should be immediately taken directly to your supervisor for security purposes. Policy is only as useful as employees are willing to help each other follow it.
If you have exhausted all options and see that a employee's computer is still left unlocked because they keep leaving their key at their desk unattended, then that employee must be educated to understand the risks and violation of policy. No technology solution can work as intended without some level of input from the user. Leaving your key (no matter what key) unattended is a mistake in any situation.
For any additional questions or concerns regarding proximity settings, computer locking, credential management, or compliance, please contact GateKeeper Enterprise support using the Support Ticket form on https://gkaccess.com/support/ or email support@gkaccess.com.
------------------------------------------
Employee problems; employee adoption; user adoption issues; how to get users to adopt gatekeeper; how to transition users away from passwords; don't leave your key lying around; losing keys; lost tokens; avoiding using tokens; avoiding using GateKeeper; inactivity timeout not working; suggestions how to convince people to use GateKeeper; tricks to get people to use GateKeeper; only one desk; only one computer; beating gatekeeper; tricking GateKeeper; stopping people from beating gatekeeper; stop tricking gatekeeper; stop spoofing gatekeeper;
Comments
0 comments
Please sign in to leave a comment.