The Clean Desk Policy

Recently my company implemented a clean-desk policy.  At first this change came to a shock to many employees, and I must admit it takes time to get used to the concept.

Basically every time an employee leaves his/her desk they must clear off any and all paperwork from their desk and lock it in their drawer.  We were never told why this policy was being implemented but I have a few ideas.

Identity Theft Protection -> If you think about it, anything left on your desk could be quite easy used to steal yours (or your clients) identity.  Something as simple as jotting down personal information on a piece of paper could be stolen and sold to the highest bidder. This is especially true of you or your client happens to be working with any major finance/banking products.


Violation Privacy Laws -> Many countries have implemented privacy laws, and privacy has become one of the top considerations for consumers when deciding where/how to purchase products from. Many new laws require your company to report all ways in which you use your clients information, and require you to report any potential "loss" of that information. The same way as if you lost a customers personal property.

Insider Trading -> It could be something as easy as your janitorial staff seeing something on your desk about the companies latest business acquisition or finances. It is human nature to be nosy and leaving information out for others to see it practically begging someone to look at it.

Lost Passwords -> Do you know how many people, write their passwords down on pieces of paper or sticky notes?  Think about it.  In today's "security" conscious world we are required to change our passwords constantly. Howe can we possibility remember them all?  I find it ironic that many password policies require such a complex password choice, that people have to write the password down in plain sight of others which seems to defeat the purpose, in my opinion.

So a clean desk policy (if implemented properly) will help mitigate these concerns, but it cannot prevent them entirely. We are human and even the best of us make mistakes. That's why in addition to such a policy it is also good idea to have services like IdentityHawk to help safegaurd your assets and give your some extra piece of mind.