What is a login Banner?
A login banner is a statement made by the system owner that asserts their rights and informs the users of the system what expectation of privacy they should have. Login banners are a critical aspect of IT system security as they allow IT systems administrators and IT Security staff to monitor the system for intrusion and abuse.
Why do we need login banners?
In any modern IT system log monitoring, network monitoring, and security monitoring take place at regular intervals. It is theoretically possible that, while performing their work related duties, an IT systems administrator will come across user information (such as a file stored on the system). The purpose of the login banner is to inform any user of the system that they may be monitored and that unauthorized or malicious access may be prosecuted. Administrators should use login banners on any system that supports their use.
Sample Login Banner
As a login banner is a form of legal assertion, please consult your General Counsel and Information Services before using the following login banner for use on any systems:
Access to electronic resources at [Organization] is restricted to employees, students, or individuals authorized by the [Organization] or its affiliates. Use of this system is subject to all policies and procedures set forth by the [Organization] located at www.xyz.com.
Unauthorized use is prohibited and may result in administrative or legal action. [Organization] may monitor the use of this system for purposes related to security management, system operations, and intellectual property compliance.
Command to issues warning banner on Mac OS X
sudo defaults write /Library/Preferences/com.apple.loginwindow LoginwindowText “Your Warning Message Here”
You will be prompted for your password. Once that is complete, you can log out to see the warning banner (requires you todisable automatic login).