August 21, 2018

Clean Desk Policy Can Help Drive Data Security


The 2018 State of the Industry Report from information destruction leader Shred-it highlights today’s evolving work styles – working remotely or in open concept offices - and the importance of having information security protocols that can be adapted to these different environments.

A Clean Desk Policy is a great example.

A Clean Desk Policy directs all employees on the importance of protecting confidential information, and it is adaptable to any work environment whether it’s the office, an airport lounge or home. The policy is designed to protect documents and data from unauthorized access, internally and from outsiders.

The risk of experiencing a data breach is at record levels. An Identity Theft Resource Center (ITRC) report showed that in 2017, there were 1,579 reported data breaches exposing nearly 179 million records. That was a 44% increase in the number of breaches, and a 389% increase in records exposed compared to previous numbers.

Here are the 3 P’s of office organization that many organizations use today to promote their Clean Desk Policy:  

  1. PLAN

A few minutes of planning every morning will set all employees up for an efficient and secure workday. Keep out only the necessary items and information, and file all other folders and documents away.  

  1. PROTECT

Protect confidential information at all times. For example, when you leave your desk for a break or to attend a meeting, check the work area for sensitive information and put it away (put it inside a folder or close the document on your computer). Be aware of who is around you in public places and what they might be able to see – and steal. In a recent article, the National Crime Prevention Council reported that confidential information and data along with iPods, PDAs and laptops, pens, envelopes and other office supplies are the most common items stolen in the workplace. Insider fraudsters (an employee, cleaning staff or visitor) will steal information either by picking up paper or by taking a picture of it with their phones. Thieves also move information to a flash drive.  

  1. PICK UP

At the end of the work day or work session, pick up and clean off the desk so that there are no papers or documents that contain sensitive information left behind. File information away or lock it up.

Here is a checklist for establishing a Clean Desk Policy.

  • Publish a comprehensive Clean Desk Policy and share it with all employees.
  • Get buy-in from every level, especially senior management who act as role models.
  • Remind employees about the policy in email signatures, posted signage, desk tents, and door hangers.
  • Provide lockable drawers, filing cabinets, and cupboards as well as small lockable (and portable) storage containers.
  • Promote paperless initiatives such as printing only when necessary. Teach employees to back up documents too.
  • Recognize and reward employees who demonstrably follow the policy. There should be consequences for employees who are non-compliant too.
  • For convenient document destruction in the workplace, partner with a professional service provider partner with a professional service provider that has a secure chain of custody for document shredding and hard drive destruction. Employees should dispose of all confidential data that is no longer needed this way.

Start Protecting Your Business

To learn more about how Shred-it can protect your documents and hard drives, please contact us to get a free quote and security risk assessment.