August 18, 2017

How to Start Your Own Clean Desk Policy – and Why It’s Imperative

An increasing number of workplaces are implementing an Office Clean Desk Policy – and it’s not just about presenting a tidy image.

What is a Clean Desk Policy?

It specifies how employees should keep their working space, and it’s one of the simplest ways to help comply with privacy laws, emphasise information security in the workplace, and reduce the risk of a data breach and identity theft.

To introduce an office Clean Desk Policy, it’s important to educate employees about what is required. Over time, Clean Desk Policy requirements will become part of the workday.

Here is a checklist for keeping work spaces tidy – and secure.

Start of the workday

  • Staff and others should plan work tasks when they arrive, gathering together only the documents and devices necessary to do the job.
  • After viewing emails and opening needed documents, reduce or close pages on the screen.
  • Try to always be aware of any confidential information being used. In the 2015 3M Visual Hacking Experiment by Ponemon, ‘contact lists and directories’, ‘customer/consumer information’, ‘financial, accounting and budgeting information’, and ‘access/login information’ were spotted and visually stolen most in the workplace.
  • Use a simple filing system so that documents are filed straight away. Research has shown that loose paperwork leads to unauthorised access, theft and fraud.
  • A good Document Management process also limits access to confidential data to those who need the information to do their jobs. Accountable information ‘owners’ are responsible for processing, storage, and secure disposal.

Leaving the work space temporarily

  • Do a quick scan of the work area, and remove and secure any visible sensitive information.
  • Switch on the password-protected screen saver.
  • Take printed documents that are no longer needed and put them into locked consoles provided by a document destruction partner for secure shredding. Eliminating waste and recycling bins is one of the easiest ways to reduce the risk of a security breach.
  • Carry mobile devices, or secure them inside a drawer.

Other workday chores

  • As far as practicable, when sensitive or confidential information is being worked on, close or minimise the window or lock the computer when unauthorised persons are nearby.
  • Never leave confidential documents unattended on flip charts or whiteboards in meeting rooms. When the meeting is over, do not leave behind any confidential notes or information in plain view.
  • In shared printer areas, immediately remove all sensitive documents from equipment.

End of the day

  • Clear desk of papers including sticky notes and papers that contain sensitive information.
  • Log out of desktop computer, and shut it down.
  • Securely store removable computer devices, DVDs, USB sticks, etc.
  • Lock draws and filing cabinets, and store keys in a secure location.

Find out the level of document security in your organisation with this DIY information security checklist. Prevent security risks and ensure your data is secure by working with secure paper shredding services.

Start Protecting Your Business

To learn more about how Shred-it can protect your documents and hard drives, please contact us to get a free quote and data security survey.