It’s not uncommon for a quick coffee break in the office to turn into a half-hour away from your desk. You may have left your computer unlocked, papers on your desk, client papers in plain sight, and thought nothing more about it.
However, this huge lapse in security can pose a serious threat to the security of your organisation. With attacks against businesses doubling in just five years, organisations can longer be complacent in their approach to data protection.
Keeping a clear desk and clear screen at work is often one of the most overlooked areas of data security in the workplace. Without the proper precautions in place, information and assets on a desk can easily be accessed and taken by an unauthorised person.
It’s easy to think that the information we have on our desks holds no value, but passwords scribbled on sticky notes, login details left in notepads, important client information stored away in an unlocked drawer can all be extremely valuable to a criminal.
Even basic information such as the names and telephone numbers of employees can be used in the careful crafting of a social engineering attack.
There’s an increased risk of theft or a security breach when confidential information is in full view, whether it’s on a screen that has been left logged on, or papers casually left on a desk.
The ICO found that loss and theft of paperwork accounted for almost 14% of data security incidents in 2017, and research from Shred-it found that one in four (27%) employees confessed to leaving work documents or notebooks on their desk, while one in six (16%) leave their computer on and unlocked when they leave work for the day.
It’s important to remember that all these lapses in security are classed as data breaches, just as incidents caused by cyber-attacks are, and under the GDPR organisations are just as liable.
Keeping a clean desk and clear screen at work is vital in preventing against information theft and data breaches. It reduces the chance of sensitive information being viewed or taken by someone who doesn’t have permission, whether it’s another employee or visitor to the office.
There are many benefits to keeping a clear desk and clear screen in the workplace:
- Improved data security
- Prevents against unauthorised access
- Compliance with regulations
- Creates a culture of security
- Improves productivity and efficiency
- Creates a positive company image for visitors
Information is an asset, and like any other business asset it is valuable and must be protected. Every employee plays an important role in safeguarding the information security of the company and keeping a clear desk and clear screen will ensure the workplace remains safe and secure.
To reduce the chance of information falling into the wrong hands, employees should follow the below guidelines:
- All documents are returned to the appropriate filing systems or storage units
- Newly created documents are correctly filed
- Sensitive documents are removed from printers and photocopiers for filing or disposal
- Any confidential, restricted or sensitive information must be removed from desks and locked in a drawer
- Unwanted copies of documents are disposed of in the correct manner
- All removable computer media is filed away
- Filing systems, desks and cupboards are locked and keys stored in the correct locations
- Passwords are not left on sticky notes or written down in an accessible location
- Screensavers are protected with a password
- Computer systems are logged off and, where appropriate, closed down
- Laptops or tablets left in the office are removed from the desk and locked away
- Whiteboards containing restricted and/or sensitive information should be erased
The MetaCompliance product range has been created to meet the needs of businesses operating in a constantly evolving cyber security landscape. Contact us for further information on how we can help improve cyber security awareness within your organisation.
