However, it rarely occurs to us that a threat may be lurking in our office, and how we secure our workplace is crucial for ensuring the safety of people whose data we process in our daily work. Two rules play an essential role here: clean screen and clean desktop.
The clean screen rule
Every time you leave your workplace, you should make sure that no one will have access to the data stored on your company computer while you are absent.
First, make it a habit to log out of your system every time you leave your computer unattended. You can speed up the logout process by using the WINDOWS + L key combination, which locks the screen.
Secondly, your computer should have a screen saver that turns on automatically after a certain period of user inactivity and protects the monitor with a password.
The clean desktop rule
This rule ensures that data is stored on network resources (for example on OneDrive or a file server) instead of on a local drive, namely directly on the desktop. Complying with it prevents third parties from viewing files and folders stored on the computer and makes it difficult for them to access them. Remember that only the icons of standard software, business applications and folder shortcuts may be placed on the desktop, provided that the names do not contain any personal data or information about ongoing projects or clients.
What can non-observance of the above rules lead to?
In the most optimistic scenario, it will end with, for example, someone sending an e-mail on your behalf inviting colleagues from work for doughnuts or coffee. In the less optimistic one, an outsider may:
- seize your access passwords (to your company mailbox, Facebook, etc.),
- take a picture of your screen – you should assess the importance of such an event yourself, depending on what you work on,
- gain access to documents and knowledge on topics that you are obliged to keep confidential.
Do not forget that the system will identify any activities performed on your access account by another person as activities performed by the account owner, namely you.