Cybersecurity isn’t only digital — learn how physical security practices protect your organisation’s information.
Physical Security and the Clean Desk Policy
Digital security controls protect nothing if an attacker can simply walk up to an unlocked computer or photograph a whiteboard full of sensitive information. Physical security is the foundation everything else is built on.
Why Physical Security Matters
An attacker with physical access to a device can:
- Boot from a USB drive to bypass Windows/macOS login entirely
- Extract the hard drive and read it in another machine
- Install a hardware keylogger to capture every keystroke
- Access files left visible on screen
- Take photographs of sensitive documents, whiteboards, or screens
⛔ Important
A locked door and a clean desk prevent attacks that no antivirus or firewall can stop. Physical access often bypasses every technical security control you have in place.
The Clean Desk Policy — Checklist
The Screen Lock Rule
Every time you leave your desk — even for 2 minutes — lock your screen.
- Windows:
Win + L - macOS:
Cmd + Ctrl + Q - Or set auto-lock to trigger after 2–5 minutes of inactivity
✓ Key Point
Make screen locking a reflex. The keyboard shortcut takes less than a second. Practice it until it’s automatic — you should lock your screen before you stand up, not after.
What Must Never Be Left Visible
| Item | Safe Handling |
|---|---|
| Printed customer/patient data | File or shred immediately — never leave on desk |
| Passwords written down | Never write them down — use a password manager |
| Confidential meeting notes | Lock in a drawer; shred when no longer needed |
| USB drives with data | Lock away or return to IT when not in use |
| Visitor passes / ID cards | Collect and deactivate immediately after the visit |
| Whiteboards with sensitive info | Erase before leaving the room |
Tailgating and Access Control
Never hold secure doors open for people you don’t know. Politely direct unrecognised visitors to reception. This is not rude — it is a security requirement.
If you see someone in a secure area without a visible badge, report it to security or reception immediately.
⚠ Warning
Attackers dressed as delivery drivers or maintenance staff are a common physical security threat. Always verify with reception or your facilities manager before allowing anyone unescorted access to server rooms, storage areas, or other secure zones.
Printing Sensitive Documents
- Retrieve printed documents immediately — don’t leave them in the tray
- Use PIN-protected printing (where available) so documents are only released when you are physically at the printer
- Shred sensitive documents using a cross-cut shredder — strip-cut shredding can be reassembled
Would an unlocked screen undo all your security?
The best firewall in the world can’t stop someone sitting down at an unattended, unlocked PC. Mobile Techs IT Service helps Gold Coast businesses close the physical gaps: automatic screen-lock and device policies enforced across every machine, full-disk encryption so a stolen laptop or drive is useless, secure wiping and disposal of old computers and hard drives, and practical office IT setups that make the secure way the easy way. Home users welcome too — on-site or remote, anywhere in Australia.
Tighten up the physical side → or call 1300 644 588

