17.3.22 IT Asset Security
All users are responsible for preventing the theft of IT assets. Users shall ensure following controls in order to prevent theft of, or unauthorized access to IT Assets.
- IT Assets except mobile devices shall be locked with security wire in all publically accessible locations, or where the asset has accessed data of classification of ’Confidential’ or above
- IT Assets must be securely stored in locked drawers or cabinets when not in use
- Screen lock functions must be configured to activate automatically after no longer than 5 minutes