Workstation Security Policy

Updated Annually


Workstations (Laptops, Tablets, Desktops, Mobile Devices) are the preferred method to access company information resources for many employees while working at our facilities or working from home. This document describes required minimal security configurations for all workstations connecting to our production network.


The purpose of this policy is to establish standards for the base configuration of company Workstations. Effective implementation of this policy will minimize unauthorized access to proprietary information assets.


All employees, contractors, consultants, temporary, and other workers must adhere to this policy. This policy applies to Workstations that are owned, operated, or leased by our company or any workstation that connects to our production information systems.


The following procedures shall be in force to manage technical, physical, and administrative controls and safeguards for [LEP] workstations:


Physical access to workstations shall be restricted to authorized personnel.  Employees shall prevent unauthorized viewing of information on a screen by:

  • Ensuring monitors are positioned away from public view
  • If necessary, privacy screen filters or other physical barriers to prevent public viewing shall be installed
  • Manually activating a password protected screen saver when staff leave their desk
  • Exiting running applications and closing any open documents
  • Ensuring workstations are logged off at the end of each business day


Employees shall use workstations for authorized business purposes only and only approved personnel may install software on workstations.  All sensitive information must be stored on network servers and not on Workstations.  Staff shall comply with all applicable policies and procedures related to desktop computing.


Systems administrators issuing Workstations shall ensure that all workstations use a surge protector and/or a UPS battery backup.  Workstations shall have all critical security updates and patches installed in a timely manner.


The security team will verify compliance with this policy through various methods. Any exception to the policy must be approved in advance. An employee found to have violated this policy may be subject to disciplinary action, up to and including termination of employment.