6.08 CLEAR DESK AND CLEAR SCREEN
Effective: August 15, 2024
Purpose: Emporia State University is committed to maintaining the confidentiality, integrity, and accessibility of the information assets it owns or controls. To assist in this effort, policies, standards, and guidelines will be developed and promulgated throughout the University community.
When a work area is left unattended, anyone passing by could have access to all information left on or around the desk as well as all electronic information that a user has access to if that user remained logged on their workstation.
This policy sets out to ensure that all forms of information used in and around a work area is protected from unauthorized viewing or altering while that area is unattended.
Scope: This policy applies to all persons entrusted with access to information classified as sensitive or confidential pursuant to the policy on Information Classification.
Responsible Office: Information Technology
Policy Statement: Supervisors are responsible for ensuring that their employees follow this policy. Information Technology (IT) is responsible for monitoring University workstations for compliance with this policy.
All users are expected to protect the information for which they are responsible. This includes:
- Configuring a screensaver password as per Screensaver Standards.
- Paperwork containing information classified as sensitive or confidential pursuant to the policy on Information Classification will not be left in full view of unauthorized personnel.
University information classified as sensitive or confidential pursuant to the policy on Information Classification should not be left visible to visitors in a work area, whether the information is in electronic or paper form.
The Information Security Officer (ISO) is responsible for monitoring and reporting compliance with this policy. The ISO is responsible for reviewing this policy annually.
Definitions: All words and phrases shall be interpreted utilizing their plain meanings unless otherwise defined in another University or Board of Regents policy or by statute or regulation.
Procedures: All procedures linked and related to the policies above shall have the full force and effect of policy if said procedures have first been properly approved by the University’s administrator in charge of Information Technology.
[Information Technology procedures - coming soon]
Related Policy Information: [coming soon]