Establish, document, approve, communicate, apply, evaluate and maintain policies and procedures that require unattended workspaces to not have openly visible confidential data. Review and update the policies and procedures at least annually.
| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| HRS-03 | Clean Desk Policy and Procedures | mitigates | T1052.001 | Exfiltration over USB |
Comments
This control can help prevent adversaries attempting to exfiltrate data via a USB connected physical device, through mechanisms such as automatic screen locking and automatic session logout.
|
| HRS-03 | Clean Desk Policy and Procedures | mitigates | T1052 | Exfiltration Over Physical Medium |
Comments
This control can help prevent adversaries attempting to exfiltrate data via a physical medium, such as a removable drive, through mechanisms such as automatic screen locking and automatic session logout.
|
| HRS-03 | Clean Desk Policy and Procedures | mitigates | T1098.003 | Additional Cloud Roles |
Comments
This control includes account management controls such as enabling multi-factor authentication (MFA), which can help prevent adversaries from creating or manipulating accounts.
|
| HRS-03 | Clean Desk Policy and Procedures | mitigates | T1098.001 | Additional Cloud Credentials |
Comments
This control includes account management controls such as enabling multi-factor authentication (MFA), which can help prevent adversaries from creating or manipulating accounts.
|
| HRS-03 | Clean Desk Policy and Procedures | mitigates | T1098 | Account Manipulation |
Comments
This control includes account management controls such as enabling multi-factor authentication (MFA), which can help prevent adversaries from creating or manipulating accounts.
|
| HRS-03 | Clean Desk Policy and Procedures | mitigates | T1556.007 | Hybrid Identity |
Comments
This control includes account management controls such as enabling multi-factor authentication (MFA), which can help prevent adversaries from modifying or manipulating authentication mechanisms.
|
| HRS-03 | Clean Desk Policy and Procedures | mitigates | T1556.006 | Multi-Factor Authentication |
Comments
This control includes account management controls such as enabling multi-factor authentication (MFA), which can help prevent adversaries from modifying or manipulating authentication mechanisms.
|
| HRS-03 | Clean Desk Policy and Procedures | mitigates | T1556 | Modify Authentication Process |
Comments
This control includes account management controls such as enabling multi-factor authentication (MFA), which can help prevent adversaries from modifying or manipulating authentication mechanisms.
|
| HRS-03 | Clean Desk Policy and Procedures | mitigates | T1113 | Screen Capture |
Comments
This control can help prevent adversaries attempting to exfiltrate data via screenshots through mechanisms such as automatic screen locking and automatic session logout.
|
| HRS-03 | Clean Desk Policy and Procedures | mitigates | T1530 | Data from Cloud Storage |
Comments
This control can help prevent adversaries attempting to access data from cloud storage through using multi-factor authentication to restrict access to resources and cloud storage APIs.
|
| HRS-03 | Clean Desk Policy and Procedures | mitigates | T1485 | Data Destruction |
Comments
This control can help prevent adversaries attempting to destroy data and files on specific systems or in large numbers on a network through Implementing multi-factor authentication (MFA) for cloud storage resources to prevent unauthorized deletion of critical data and infrastructure.
|