The clean desk test
- 23 January, 2019 03:27
Most workspaces hold sensitive documents and information that you don't want to get into the wrong hands. A little care and a few good habits can go a long way toward keeping everything secure.
Here are 10 things to tidy up.
When you leave your desk, do you lock your computer to ensure no one else can look at what you are working on?
While it's not always practical to constantly lock and close applications (or no one would get anything done), certain applications and documents should be given special attention and closed, minimized or locked before leaving a desk. A short auto-lock time for your screensaver can help.
Sticky notes with sensitive information
Your employer expects you to remember ALL of those different passwords? What better way to organize them than to write them all down on a sticky note, right?
Wrong. Even without spelling out exactly what those passwords are used for, an industrious criminal or hacker could use them to gain access to private accounts.
Don't write down passwords anywhere, especially not on display on your computer. A password manager can get your passwords under control.
Expense reports and client contracts are two types of documents that should not be left out for all eyes to see. Private corporate and proprietary information is the kind of data a competitor would love to get their hands on. Documents left out overnight, when cleaning crews or other outside contractors may be in the building, are of particular concern.
Do people really leave sensitive information lying around? Of course they do — we found violations right in CSO's offices.
Put any sensitive paperwork in a locked file or drawer when you're not working on it.
Forgotten printer document
How many times have you printed out a document and then neglected to retrieve if from the machine? In this example, the employee has left a bill for a toll-fees account out for all to see. Bank account information might be found on this document, as well as travel itinerary information that could be considered private.
Retrieve all documents from the printer immediately and store them in an appropriate, secure location.
The recycle bin or wastebasket is another place where employees make security mistakes.
You'd be amazed at the stuff that gets carelessly thrown out.
Consider what you're throwing away before you pitch it. Many documents should be shredded for privacy and security reasons.
Smartphone left on desk
What kinds of texts or other information might be available to someone who picks up your smartphone? Have you received a text regarding an executive's travel plans? Your own? Corporate travel — particularly trips requiring executive protection — should not be available for just anyone to view.
Take your smartphone with you when you leave your desk. Always have it locked with a strong passcode to prevent compromise.
Do your keys open doors to server rooms, document storage or other places that should have good access controls in place?
Car keys clearly show what brand of car they belong to. If the lot is fairly empty, how long until an ambitious car thief finds their way to it?
Store keys in your pocket or purse.
Bag sitting out
What's in your bag? A wallet? Sensitive corporate documents? A laptop not docked and in use? Chances are this bag has plenty of goodies that thieves would love to get their hands on.
If your bag contains valuables, keep it with you or lock it up.
Easy access to files and folders
It would take a motivated thief mere seconds to grab and dash away with files left in unlocked storage spaces.
Make their job just a little harder by locking your document storage areas, such as cabinets and drawers.
Vulnerable USB stick
USB sticks may hold many rewards for a thief. Is there private data on there? Propietary information that might be valuable to a competitor? All the thief needs to do is grab it and stick it in a pocket to find out.
USB sticks, like bags, purses and sensitive documents, need to be locked up and secured when not in use.
Leaving your access card out on your desk means unauthorized individuals might take it and use it to access your building after hours. Or it could be used to get into secure parts of the building that only you, and others with privileged-access rights, are allowed to enter.
Keep your access card with you in your pocket or purse. Many people use clips or lanyards to keep it easily accessible when moving about the building.
Whiteboard covered with writing
Does your whiteboard include names from a client list or financial figures that you might not want to fall into a competitors hands? Is it easily viewed from outside the office, open for anyone to see?
Use whiteboards appropriately and privately. Clean off information that could be considered sensitive. Consider the position of your desk and workspace when it comes to windows and doors. Could someone easily spy on you?