Cybersecurity Tips for Employees Series (Week 2): Physical Security Precautions

Welcome to this week 2 in the series on Cybersecurity Tips for your employees.  Today we will be covering Physical Security Precautions, that while sound simple in practice can have a great impact on keeping business information secure.

Keep a Clean Desk

It sounds so simple, but keeping a clean desk is quite often overlooked when talking about data security. It’s also the perfect place to start the discussion with employees.

Employees that keep a cluttered desk tend to leave USB drives and smartphones out in the open. They also often forget to physically secure their desktops and laptops either by locking their screen when they step away from their desk, or by locking portable devices away when not in use so someone can’t simply walk off with them.

A messy desk also makes it difficult to realise things such as a folder with hard copy print-outs of customer lists are missing. In addition to increasing the likelihood of something being removed, a cluttered desk means that the discovery of any theft will likely be delayed, potentially by days or even weeks if the employee is out of the office. Such delays make it more difficult to determine who the perpetrator is and where the stolen material might have gone to.

Encouraging employees to maintain a tidy desk pays off in two ways. In addition to making digital and paper assets more secure, employees with clean desks are more likely to be more productive because they can quickly and safely access the tools and resources they need to do their jobs.

The Common Messy Desk Mistakes to Avoid

The following list presents 11 “messy desk” mistakes employees are prone to commit and which could cause irreparable harm to the business, the employee, fellow employees, customers and business partners.

These are all bad habits for which to educate employees to stop:

1. Leaving computer screens on without password protection: Anyone passing by has easy access to all the information on the device; be sure to lock down screen settings.
2. Writing user names and passwords on slips of paper or post-its: This is especially important given that user names and passwords are typically used to log in to more than one site.
3. Placing documents on the desk that could contain sensitive information: It’s best to keep them locked up in drawers and file cabinets.
4. Forgetting to shred documents before they go into the trash or recycling bin: Any document may contain sensitive information; it’s best to shred everything rather than taking a risk.
5. Failing to close file cabinets: This makes it easy for someone to steal sensitive information and more difficult to realize a theft has occurred.
6. Setting mobile phones and USB drives out in the open: They likely contain sensitive business or personal information and are easy to pick up quickly without being caught in the act.
7. Neglecting to erase notes on whiteboards: They often display confidential information on products, new ideas and proprietary business processes.
8. Dropping backpacks out in the open: There’s often at least one device or folder with sensitive information inside.
9. Leaving behind a key to a locked drawer: This makes it easy to come back later—perhaps after hours when no one is around—and access confidential files.
10. Displaying calendars in the open or on the screen for all to see: Calendars often contain sensitive dates and/or information about customers, prospects and/or new products.
11. Leaving wallets and credit cards out on the desk: This is more likely to impact the employee, but wallets may also possess corporate credit cards and security badges.

In today’s fast-paced world where employees are always on the go, it takes too much time to determine whether documents, USB drives, devices and other items contain sensitive information. The safe bet is to make sure everything is filed away and kept locked up or else properly destroyed.

Stay tuned for next week’s’ chapter on Email Threats

Contact Us Today