Beat business spies with a clean desk policy

Do you need a clean desk policy?

You’ve studied up on malware and hackers. Maybe you’ve beefed up the IT department and designed a fierce cyber security program with firewalls and multiple backups. Perhaps you’ve even educated your team, warning them about opening unfamiliar attachments.

But what if the biggest threat to corporate information security is a simple paper document, sitting on your CEO’s desk, covered in crumbs from a ham and cheese sandwich?

Believe it or not, experts today say old-school, offline spying costs businesses way more than online spying.

Old-school espionage costs $1.1 trillion a year

A recent report from the world’s largest security firm, G4S, estimates that offline espionage costs businesses a staggering $1.1 trillion annually. That’s far more than the $4 billion companies lose to online hackers.

The report’s author, Bruce Wimmer, is the leader of counter business espionage at G4S and author of Business Espionage: Risks, Threats, and Countermeasures. He recalled one recent case in which a spy posing as a new intern managed to swipe piles of sensitive documents off messy desks, along with two unsecured laptops.

Today’s spies are sophisticated

This was a professional espionage job. The spy found an intern and sent him a letter saying his orientation was delayed. He then arrived on time, bearing a fake passport with the intern’s name. He lured two managers away to bogus meetings, leaving their computers unattended.

Especially relevant, the spy made off with detailed strategic plans, financial information and both computers. It was a significant, damaging security breach that had nothing to do with the internet.

The Solution: A Clean Desk Policy

One of the best things you can do to prevent offline corporate espionage is to put a clean desk policy in place. In general terms, a clean desk policy requires staff to keep their desks clear. It also requires staff to lock up or shred all documents before they head out for a coffee break.

Here are three simple steps to implementing a clean desk policy in your organization:

#1

Provide staff with the tools they need to lock things up

First of all, if you want your team to secure sensitive documents, you need to provide filing and storage cabinets that lock. Furthermore, be sure to provide digital tools like time-activated screen savers and password protection to keep prying eyes from sensitive on-screen material.

#2

Control access to printers and photocopiers

Encourage a paperless office by storing records off-site and having those you need delivered on request. Furthermore, restrict the use of printers and photocopiers by giving unique code or key cards to authorized users. Make sure employees pick up printouts quickly, because by reducing the number of copies and printouts, you’ll immediately lower the risk of data leaks.

#3

Establish secure shredding stations and make sure your team members use them

Partner with a trusted, professional shredding company to set up secure shred bins where staff can confidently deposit sensitive materials for destruction. Unlike the messy personal shredders you might have under your desk, the professionals can handle high volumes of paper. They will also ensure that your documents are kept safe until they are properly destroyed.

Making sure your team is on board

One of the greatest challenges to implementing a clean desk policy is regular, effective enforcement. Help your team succeed by explaining the policy clearly and providing scheduled time for filing and shredding. In conclusion, establishing a clean desk policy is one of the simplest and most powerful steps you can take to improve your corporate security.

Ready to initiate a clean desk policy?

The first step is to help your team destroy the piles old, sensitive documents on their desks. Set aside some time for a corporate shred day. Partner with a trusted shredding company, because professionals can provide the equipment, transportation, and destruction services you need.

Discover more, now

Want to increase data protection awareness in your office?

Get Corodata's new poster delivered right to your inbox: "7 Data Breach Risks in Your Office You Never Thought Of." Download, print, and hang it to keep data protection at the forefront with your employees.