What do we mean by a 'Clean Desk Policy'?
We're not talking about clutter and a coffee-cup-free working environment (although that's not a bad thing!).
A clean desk policy in the context of cybersecurity is a measure that requires employees to clear their desks of all sensitive materials when they are not at their desks.
It is intended to limit the risk of sensitive information being lost or stolen and prevent it from being read or stolen by unauthorised individuals.
When not in use, staff are often expected to put away papers, documents, and other materials containing sensitive information and keep them in a secure area, like a locked drawer or cabinet. Employees should also be required to take additional security precautions, such as locking their computers whenever they leave their desks.
But how does all this help protect against Cybercrime?
1. A clean desk reduces the risk of physical security breaches.
It is easier for someone to acquire private information if a desk is crowded and papers are left on display. For instance, cybercriminals might take documents containing login information or other sensitive data.
2. A clean desk can help prevent the spread of malware.
It is simpler to leave behind small items like USB drives or other removable media when a desk is cluttered. Someone who finds one of these items and puts it into their computer risk unintentionally spreading a virus.
3. A clean desk can help to improve overall cybersecurity hygiene.
Employees trained in implementing a clean desk policy are also more likely to be aware of their surroundings and the safety of their workplace. This can aid in developing a security-conscious culture within the business, which is crucial for thwarting cybercrime.
Want to know how 'at risk' your business is right now?
Why not take a walk around your office right now? Try and put yourself in the shoes of a 'bad actor' - look through their eyes...
Look for contract documents, sales proposals or other sensitive information that are readily on display on people's desks. Look for computers that are unattended and not locked.
You may be surprised by what you find... especially if you do not have a clean desk policy deployed in your business.
Members of the CyberHeroes Community have access to a Cybercrime Policy Kickstarter Pack, which includes a Clean Desk Policy. This is one of the practical ways business owners and managers can help to protect their people, profits and reputation against cyber criminals.
If you'd like to know more about our cyber security policy template package or the many other practical ways you can dramatically reduce the risk of becoming a victim of cybercrime, get in touch today.
And for more cybersecurity tips and techniques for small to medium businesses, why not tune into the Cyber Heroes Podcast, where we talk about how to protect your people and reputation, strengthen your cyber posture, create a culture of cyber savviness, and the many cybercrime lessons being learned around the world every day?