To increase the security, an IS auditor should ensure that the following control techniques are in place:
a) Access to data and application is secured disabling the floppy disk drive.
b) Diskless workstation prevents unauthorized access.
c) Unauthorized users may be prevented from overriding login scripts and access securing automatic boot or start-up batch files.
d) Network monitoring can be done to know about the client so that it will be helpful for later investigation, if it is monitored properly.
e) Data encryption techniques are used to protect data from unauthorized access.
f) Authentication system can be provided to a client, so that they can enter into system, only entering login name and password.
g) Smart cards can be used. It uses intelligent handheld devices and encryption techniques to decipher random codes provided client-server based operating systems.
h) Application controls may be used and users will be limited to access only those functions in the system those are required to perform their duties.