Skip to Main Content

Standard 21 - Clean Desk Policy



  1. To improve the security and confidentiality of University data, UNF has adopted a clean desk policy for workspaces. This ensures that all sensitive and confidential information, whether on paper, storage media, or hardware is properly secured and protected from unauthorized view. This policy reduces the risk of unauthorized access, loss and damage to information during and outside of normal business hours or when workstations are left unattended. A clean desk policy is an important security and privacy control.
  2. Users must ensure that all restricted or controlled data in hard copy or electronic form is removed from their workspace and secured in a drawer when the desk is unoccupied at the end of the workday. (See UNF Data Classification and Security Policy for full definitions and examples of sensitive and controlled data). Any breach of UNF data must be reported to the IT Security team.
    1. File cabinets containing sensitive or controlled information must be kept closed and locked when not in use or when left unattended.
    2. Computer workstations must be locked when the workspace is unoccupied.
    3. Laptops, tablets and any other portable computing device must be either secured with a locking cable or locked in a drawer or secured room when not in use.
    4. Passwords may not be written down in an accessible location.
    5. Printouts containing restricted or controlled information should be immediately removed from the printer.
    6. Restricted or controlled documents must be shredded upon disposal.
    7. Whiteboards containing restricted or controlled data must be thoroughly erased.
    8. Portable storage devices such as CDs, DVDs, hard drives, USB drives, etc. containing restricted or controlled data must be secured in a drawer when not in use and data must be encrypted.
    9. Keys used to access restricted or controlled data must be secured in a locked desk.
    10. Supervisors must verify compliance with this policy through various methods including periodic walk-throughs of work areas.

Return to the ITS Policies and Procedures List