Gretel Egan | October 06, 2016

Three Clean Desk Habits to Implement Today

Last updated: September 5, 2018


It’s important to recognize that very few (if any) office environments are completely secure. Vendors, cleaning crews, landlords, service providers … these “outsiders” are all likely to have access to your work area in some capacity or another. In addition, your job very well may require you to handle sensitive data and files that other coworkers should not be privy to.

You need to think about maintaining your “circle of trust” — and these simple day-to-day habits can make a difference both in the office and out.

Tip #1: Don’t Write Down Your Passwords

We definitely get it: Password management is a huge challenge. With virtually every system, app, and website requiring you to create a login — and with all reputable cybersecurity advisors cautioning against reusing passcodes — it’s almost impossible to remember all the complex passwords you’re asked to manage on a day-to-day basis.

Even so, writing your credentials on a sticky note or sheet of paper is not a safe choice. We’ve heard many stories of password lists found under mouse pads and keyboards, and in unlocked desk drawers. It could take just a moment for someone walking by to snatch up a list that’s left in an unsecured location. If a cybercriminal accesses a system using your credentials, you could be in the hot seat.

There are ways to simplify password management and make your life a little easier. Consider these pieces of advice:

  • Password managers are a good option for electronic management of your login credentials. Approach your IT team for advice or do some research to identify well-reviewed and reputable options.
  • If you want to go it alone, passphrases can be easier to remember than complex passcodes. Opt for something that is personal to you, but makes sense for the site you are visiting. If you are creating an account for an online bookstore, for example, think of something like “Scarlett O’Hara Is My Hero” or “I <3 2 read Sci-Fi.”
  • Be particularly diligent with systems and sites that are high-value targets: corporate and personal email accounts, banking and payment sites, social media accounts, etc. Because attackers will try to use compromised credentials across multiple systems, you should never repeat passwords across these types of applications.


You can find additional cybersecurity tips and advice throughout the Wombat Blog.

Become a Subscriber


Tip #2: Lock It Up

One of the simplest and most effective ways to ramp up cybersecurity is to lock up items that aren’t in use. Keep these easy, relatively low-tech best practices in mind:

  • When you step away from your computer, even for just a few minutes, lock the screen to prevent unauthorized access. Take small mobile devices (smartphones and tablets) with you whenever possible. Otherwise, lock them in a drawer or cabinet.
  • At the end of your work day, power down your devices and lock up any portable electronics that you are leaving behind (laptops, tablets, smartphones, etc.).
  • Secure sensitive files and data at all times. Don’t leave folders, calendars, planning notes, or portable storage media (like CDs or flash drives) accessible to unauthorized individuals.
  • Don’t leave your access cards and fobs unprotected. If you aren’t carrying them with you (which is recommended), secure them in a desk drawer or cabinet.

Tip #3: Think Beyond the Desktop

In addition to sensitive papers and data that might be visible on your desk itself, you should consider items like whiteboards and printers. Many brainstorming sessions and project plans are noted on whiteboards, and you or a coworker should erased sensitive information once a meeting ends. (If you need to capture notes for future viewing, take a picture with a smartphone. You can upload it to a secure server, then delete it from your device.)

You should also take steps to ensure that confidential printouts are not left on printers in public areas. Make it a habit to utilize secure printing functions (which require you to enter a code at the unit to initiate a print job) whenever possible. This helps to eliminate situations in which sensitive materials are forgotten about and, as a result, data security is compromised.

Subscribe to Our Blog

2018 State of the Phish Report  Protect your organization from phishing attacks. Download Now
2018 Beyond the Phish Report  Protect your organization from threats including and beyond phishing. Download Now