Why have a Clean Desk Policy
What is a Clean Desk Policy?
A clean desk policy instructs that all employees must clear their desks at the end of each work day. This not only includes documents and notes, but any post-it notes, businesses cards, and removable media (e.g. USB memory sticks).
Following a clean desk policy will help your organization reduce the risk of information theft, fraud, or a security breach caused by sensitive information being left unattended and visible in plain view.
The Benefits of a Clean Desk Policy
A clean desk policy should be adopted because of the numerous benefits it can provide your organization.
- Save Time and Money
In America,According to an IDC report, a typical employee in an organisation spends 2.5 hours a day searching for information. Assuming the workers in the organisation earn $80,000 a year, a 1000-person organisation loses approximately $2.5 million dollars a year from the inability to locate and retrieve information.
A clean desk policy will encourage employees to use digital versions of documents, significantly reducing your organization’s costs of paper, ink toner, and printer maintenance.
- Make Good Impressions
Who knows who and when someone will visit your office? A clean and tidy work space makes your organisation look efficient and presentable to anyone who decides to visit, including the auditors!
- Easy ISO Compliance
A clean desk policy is not only ISO 27001/17799 compliant, it also complies with basic privacy principles.
UK’s Data Protection Act requires organisations in the UK to ensure that personal information is kept secure.
- Discourages Prying Eyes
Employees usually leave sensitive information on their desk.
Post-it notes are usually the worst culprit, containing names, phone numbers, and even user names and passwords visible in plain view. These habits encourage dishonest employees, cleaning crews, and maintenance staff to view information they should not have access to.
- Reduce Stress
A place for everything and everything in its place. When your employees are organised they can spend more time concentrating on work rather than feeling stressed because they can’t find a report due in the next 10 minutes.
Implementing a Clean Desk Policy
You are convinced that your organisation needs a clean desk policy. Great! Here are a few steps to help you implement a policy.
Put it in Writing
A clean desk policy should be in writing and communicated to all employees, especially during introductory and refresher training. Consequences for failure to comply should be serious yet practical, especially if your organisation works with much sensitive information. Have all employees sign the document for approval.
Add a Reminder to Email Signatures
You have probably seen it below many email signatures: Please consider the environment before printing this email. If your organisation uses standardised email signatures, consider having this reminder added to the bottom.
Lockable Storage
You can’t implement a clean desk policy if you have no where for employees to put their documents. Consider purchasing small, lockable storage boxes for employees that fit under their desk.
Encourage Electronic Documents
Have employees work with electronic documents whenever possible. Without the need to print and work with physical papers, your employees will always have a clear desk whenever they log out of their computers.
Get Rid of Documents Securely
Your employees should never throw any work-related documents into the waste basket. Once rubbish leaves your company’s doors, it becomes public property. Nothing can ruin your organisation quicker than careless employees throwing sensitive information into a waste basket. Your organisation does not want to be on the front page of the newspaper for exposing sensitive information.
Implement a document destruction policy to ensure all documents are disposed of securely.
Perform Routine Backups
If you discourage employees from using physical documents, make sure your organisation has a dependable backup routine in place. Employees need to know that their documents will be safe in the event of a power loss or hard-drive crash.
Enforcing a Clean Desk Policy
Implementing a clean desk policy and having a nonchalant attitude towards enforcement will render your policy useless.
Random Checks
Have someone conduct random weekly checks, possibly at the end of a work day. All papers, notes, post-its, or any other documents containing sensitive information should be shredded immediately. Removable media, such as CDs or memory sticks can be confiscated temporarily.
Upper Management Support
A clean desk policy needs to be taken seriously — especially with all levels of management. If your employees see that upper management does not have to abide by the policy, they will soon lose faith.
The fact that upper management usually handles more sensitive documents should reinforce the need for a clean desk policy for all employees regardless of their status within the organisation.
Contact Fidelis on 0121 289 3258 if you would like to speak to us about how we can help make your business cleaner, safer and more efficient.