Securing a laptop from co-workers

I am looking for a simple way to secure my laptop from the prying eyes of any co-worker who might be tempted to do a little snooping or changing of settings while I am away from the computer. I don't really need anything complex for attempting to keep out a knowledgeable hacker, etc. just something to, shall we say, keep the honest people honest.

So far the best idea I have come up with would be a BIOS password for boot up and a screensaver password for when I have to leave the computer running. Are there any better alternatives? As I said I want something fairly simple and safe to implement. While I am on the subject of safety, is a BIOS password safe to use...I mean as long as I don't forget the password of course.

Also how effective would the BIOS password/screensaver password scenario be?

Thanks

 

Yeah i'd say you've got a simple and effective plan. Thats exactly what we do at my workplace to protect our computers against tampering. Don't forget password protected logon. You could also try using something like ssm or prosecurity to protect your system settings should anyone manage to get into windows.

 

If someone has physical access to a PC, I will not bother for a HIPS for this purpose. Passwords etc are OK.

Let me ask, can u bypass login password via safe mode?

 

I have the Windows password locking method to prevent others from doing something to my PC. However, they could shut down the PC, reboot, and then sign on as another user to get around that and then play around with the PC files. They recently installed a hard disk encryption program to the laptop so only the original assigned user can log on after the PC reboots after entering a password. If the password is entered wrong 3 times, the PC is locked and won't boot up. Then someone has to take the system to "unlock" the encryption.

 

I am also used to lock the computer via win+L when I'm away. It's a company machine so i'm advised to use this method only. I guess i will recognize if someone reboots the computer, because then i'll be not logged-in anymore.

For a private machine i would probably use some kind of encryption methods, but i have never thought about this, because i don't need my private laptop at my workplace.
However, there are some security applications available, which claim to provide not only full disk encryption but also user identification via usb-stick. Upon removal of the usb-drive the computer will be locked. Ok, this are commercial solutions, but i remember i read somewhere about a gadget which will lock your machine automatically if you are leaving your computer, and unlocks it when you are back. It uses certain kinds of radio-frequencies or something like this to perform this. If this would be something interesting for you, i will search for this again, currently i don't have any link about this in mind.

 

I am not really interested in having to encrypt my disc. I might consider encrypting one folder etc with Truecrypt or similar if I have any sensitive data I want to really protect however. As far as securing the computer from casual snooping, practical jokers, etc I am looking for the most simple solution I can find that will deter those activities. I doubt anyone at my job would do anything truly malicious but they might snoop around, play with settings, etc out of either curiousity, boredom, or as a practical joke.

So far I haven't seen anything that appeals to me more than the BIOS password and the screensaver password. I am not really sure I want to use a BIOS password either though as I don't know much about them. I need to get time to do some research I guess.

As always, thanks to those who have posted suggestions. They are appreciated.