Clear Desk Policy – As mentioned in several recent posts our VALKYRIE (GB) LIMITED team have been busy over the last few weekends. These tasks have including surveillance work, bug sweeps, penetration testing and security audits.
During the audits and penetration testing conducted on offices and residential properties, we noticed a complete lack of employees/owners adhering to clear-desk-policies (CDP). This is probably due to working from home (WFH) for a prolonged period and not thinking security and best practice. Sometimes, more often than not, it’s not about an eavesdropping device or a data breach; it’s as easy as putting your hand in the bin and finding secure documents or looking around a desk
A few thoughts on CDP:
1. Employees should be responsible for their own work area within the office – always clear before you leave. Get rid of unnecessary desk clutter
2. All sensitive documents should be removed from printers for filing or disposal ASAP, this helps to ensure sensitive documents are not left in/on printer trays for the wrong person to pick up
3. Expired and unwanted copies of documents should be disposed of in the correct manner – shredded. Try to use less paper and avoid printing if not necessary
4. All removable computer media, digital storage media and drives, should be filed away securely
5. Filing systems or furniture, desks, pedestals and cupboards should be locked, and keys stored in the correct locations – office key policy and holders
6. Computer systems should be logged off and, where appropriate, closed down
7. Laptops left in the office should be removed from the desk and locked away securely
8. No personal items should be left in the office unattended – company insurance will likely not cover
9. Passwords should not be left on sticky notes posted on or under a computer, nor should they be left written down in an accessible location
10. Whiteboards containing restricted and/or sensitive information should be erased after use – photograph it if needed for future use
11. Ensure everything of any sensitivity is shredded and no documents are placed in the rubbish
E: secyruity@valkyrie.co.uk T: +44 (0) 2074 999 323