When it comes to cybersecurity, keeping a clean desk is often overlooked, even though it makes sense and seems so simple. It’s important to realize that very few (if any) workplaces are entirely secure. Vendors, cleaning crews, maintenance staff, landlords, and other service providers will all likely have access to your workspace. Additionally, some employees may be handling confidential information and documents to which other employees shouldn’t have access. So, here are three clean desk habits you should encourage your team to implement this year.
Habit #1: Don’t Write Down Your Passwords
Managing passwords is a significant challenge, and we completely understand that. It’s nearly impossible to remember all the complex passwords you’re required to handle daily since almost every system, app, and website requires you to create a log in. Plus, according to all cybersecurity experts, you should never reuse a password. However, it’s not a good idea to write down your credentials on a sticky note or piece of paper that you keep nearby in your workspace. We’ve heard numerous stories of password lists discovered inside unlocked desk drawers, under mouse pads and keyboards, or even stuck to monitors. Leaving passwords out in the open is dangerous since, in a matter of seconds, any passerby can see it, steal it, take a photo or write it down to use later. Plus, you can find yourself in trouble if a cybercriminal uses your credentials to access a system.
Here are some ways to simplify password management and make your life a little easier.
- Utilize a Password Storage System, like GTS Password Portal. Our system offers tiered access for everyone in your company: you can store personal passwords in your personal portal, and give access to shared passwords through a company portal.
- Turn on Multi-Factor Authentication (MFA) with systems and sites that are high-value targets: corporate and personal email accounts, banking and payment sites, social media accounts, etc. Because attackers will try to use compromised credentials across multiple systems, multi-factor authentication adds an extra layer of security. MFA is especially important for administrators and other high-privileged accounts.
Habit #2: Lock Before You Leave
Locking up items when they aren’t in use is one of the simplest and most efficient ways to increase physical security. Keep in mind these simple, low-tech best practices:
- Locking your computer will prevent unauthorized access when you step away from it, even for a short while. Bring your small mobile devices (such as your smartphone and tablet) with you whenever possible. Otherwise, keep them concealed by locking them in a drawer or cabinet. At the end of your work day, power down your devices and lock up any portable electronics you leave behind (laptops, tablets, smartphones, etc.).
- Secure sensitive files and data at all times. For example, do not give unauthorized people access to folders, calendars, planning notes, or portable storage devices (such as external hard drives).
- Don’t leave your access cards and fobs unprotected. It’s recommended to encourage staff to keep these items on their person at all times, but if that is not possible, they must be locked in a drawer or cabinet.
Habit #3: Think Beyond Your Workspace
In addition to sensitive papers and data that might be visible on your personal workspace, you should keep security top of mind when using whiteboards and printers in shared office spaces. Many offices use whiteboards during brainstorming sessions and meetings. It’s important that before leaving the meeting, all sensitive information is erased. Additionally, you should take precautions so that sensitive papers are not left on printers in public areas. Make it a habit to use secure printing options, which requires a code to be entered at the printer to start a print job.
These are just a few good habits we recommend to help keep your business’s information secure. At GTS, our experts can help create and administer structured security awareness training for your employees, no matter the size of your company. We also offer remote monitoring and management services that keep your business’s security running smoothly, 24/7/365. To learn more about our services, call (904) 606-6011 or email firstname.lastname@example.org today.