It’s not uncommon for a quick coffee break in the office to turn into a half hour away from your desk. You may have left your computer unlocked, papers on your desk, client papers in plain sight and thought nothing more about it.
However, this huge lapse in security can pose a serious threat to the security of your organisation. With attacks against businesses doubling in just five years, organisations can longer be complacent in their approach to data protection.
Keeping a clear desk at work is often one of the most overlooked areas of data security in the workplace and without the proper precautions in place, information and assets on a desk can easily be accessed and taken by an unauthorised person.
It’s easy to think that the information we have on our desks holds no value, but passwords scribbled on sticky notes, login details left in notepads, important client information stored away in an unlocked drawer can all be extremely valuable to a criminal.
Even basic information such as the names and telephone numbers of employees can be used in the careful crafting of a social engineering attack.
There's an increased risk of theft or a security breach when confidential information is in full view, whether it’s on a screen that has been left logged on, or papers casually left on a desk.
The ICO found that loss and theft of paperwork accounted for almost 14% of data security incidents in 2017, and research from Shred-it found that one in four (27%) employees confessed to leaving work documents or notebooks on their desk, while one in six (16%) leave their computer on and unlocked when they leave work for the day.
It’s important to remember that all these lapses in security are classed as data breaches, just as incidents caused by cyber-attacks are, and under the GDPR organisations are just as liable.
Keeping a clean desk and clear screen at work is vital in preventing against information theft and data breaches. It reduces the chance of sensitive information being viewed or taken by someone who doesn’t have permission, whether it’s another employee or visitor to the office.
Information is an asset, and like any other business asset it is valuable and must be protected. Every employee plays an important role in safeguarding the information security of the company and keeping a clean desk and clear screen will ensure the workplace remains safe and secure.
To reduce the chance of information falling into the wrong hands, employees should follow the below guidelines:
The MetaCompliance product range has been created to meet the needs of businesses operating in a constantly evolving cyber security landscape. Contact us for further information on how we can help improve cyber security awareness within your organisation.