The General Department of Cybersecurity

Objectives:

This policy aims to comply with cybersecurity requirements and the legislative and regulatory requirements related to the clean desk practice at the Islamic University. It establishes clear procedures and guidelines, as well as minimum requirements, to maintain a clean and secure desk and the methods by which this can be achieved, while focusing on the fundamental protection objectives of information confidentiality, integrity, and availability.

Scope and Applicability:

This policy applies to all employees of the Islamic University.

General Provisions:

• Any sensitive or confidential data or files must be removed from the desktop surface.

• Before leaving the office, ensure that your device screen is secured.

• Official and confidential documents and records must be stored in locked cabinets protected against disasters, fires, and theft.

• Avoid leaving keys to file cabinets or other secure storage locations on desks or in unsecured places.

• Avoid leaving any important information or documents unattended on desks, printer trays, photocopiers, or scanners.

• Adopt a paperless work culture by avoiding printing confidential documents unless necessary and refraining from using sticky notes on screens or under keyboards.

• Users must log out of their accounts on systems and applications when not in use.

• Ensure that no notes or hints related to your passwords are left on your desk, displayed on the computer screen, or stored in any manner that allows others to view them.

• Users must exercise caution when encountering USB storage devices or external hard drives from unknown sources and promptly submit them to the General Department of Cybersecurity for appropriate action.

• Remove any remaining information and documents from meeting rooms and destroy all papers used during meetings (for example, using a paper shredder).

• Sensitive information must be removed from printers immediately after printing.