Clean Desk Policy
“Cleanliness is next to godliness” is a phrase that encourages neatness and hygiene. In the office, keeping a clean desk will also help ensure that all sensitive and confidential materials are locked away when not in use. Creating a clean desk policy is a simple and effective way to have the work place looking good while reducing risk and increasing security awareness.
A clean desk policy should cover the following materials: paper, storage devices/media, hardware devices, and computers. Key points of the policy should reflect the topics below:
Ensure that Sensitive or Controlled Data in hard copy or electronic form is secure when the workspace is unoccupied and at the end of the shift.
Computer screens must be locked and password protected when the workspace is unoccupied.
Storage cabinets containing Sensitive or Controlled Data must be kept closed and locked when not in use.
Keys used to access Sensitive or Controlled Data must not be left at an unattended desk.
Mobile or portable devices must either be locked with an anchor or locked in a storage cabinet.
Passwords may not be written down and left in an accessible location.
Printouts containing Controlled Data should be immediately removed from the printer.
Upon disposal, Controlled Data must be shredded.
Whiteboards containing Controlled Data must be erased.
Storage devices, such as CD's, DVD's, hard drives, and USB drives, containing controlled data must be locked in a storage cabinet and data must be encrypted.
Posting security awareness posters around the office can capture the employee's attention and educate them on this security topic.
For more information on how you can keep your office secure, contact SC-B Consulting, Inc. at (877) 852-2835 or email andy.valentine@sc-binc.com.
