- Incident management: Develop and test an incident response plan.
- Continuous improvement: Conduct cybersecurity audits and penetration testing to assess the maturity of your organisation and the effectiveness of the policies in place and to identify vulnerabilities in your critical systems.
- Access management: Ensure secure access to all your systems and limit access privileges.
- Physical security: Improve access to installations, implement clear screen and clear desk policies, and secure printing.
- Update management: Apply updates and security patches regularly and systematically.
Definition: Clear screen and clear desk policiesClear screen and clear desk policies are security policies that aim to minimise the risk of breaches of sensitive or confidential data. They require users to clear all sensitive information from computer screens and work surfaces before leaving their workstation.
- Clear screen policy: This policy requires users to shut down or lock their computer when they are not at their workstation. This means that their screen will not show sensitive information that can be viewed by unauthorised persons.
- Clear desk policy: This policy requires users to store all sensitive information and paper documents in a secure location when they are away from their workstation. This stops sensitive information from falling into the hands of unauthorised persons