Visual hacking is a real problem for businesses worldwide

To protect sensitive information from cyberattacks, most employers have detailed security policies in place.  We’re required to change our passwords on a regular basis; computer systems have firewalls that prevent access to servers; our IT departments install authentication software to make computers more secure. The list goes on.

But low-tech methods, such as visual hacking, are often overlooked, yet are among the easiest to adopt. Defined as the act of viewing or capturing sensitive, confidential and private information for unauthorized use, visual hacking is easy to do, thanks to the explosive use of mobile devices and open-office layouts.

We wanted to find out just how prevalent visual hacking is in the U.S. So in 2015, Ponemon Institute  conducted an interesting experiment sponsored by our client 3M. In the experiment, a “hacker” assumed the role of temporary office worker and was assigned the task of visually hacking sensitive information. (Don’t worry; this was cleared by participating companies in advance!)  3M also sponsored an expanded experiment in 2016 to include offices in China, France, Germany, India, Japan, South Korea and the United Kingdom. (Access the full global study report here)

The results were alarming:

More than ever, businesses and their employees need to take additional steps to protect data. Whether working in the office or remotely in public spaces, or while traveling, there are some simple tips Ponemon Institute recommends to protect sensitive information displayed on desktop monitors, laptops, tablets and smartphones:

  1. In open office environments, adopt a clean desk policy, angle computer screens away from hallways and office doors, and log off devices before leaving them unattended.
  2. All organizations should institute a visual privacy policy that outlines the specific actions, procedures and best practices to prevent the display of important data in plain sight.
  3. Ongoing employee (and contractor) training and awareness programs should be an integral part of an organization’s security and privacy strategy.
  4. While organizations are increasing budgets to combat cybersecurity, they should allocate resources to support a stronger visual privacy strategy as well.
  5. Limit employee access to sensitive information while working in open or public spaces to help reduce the risk of a potential data breach.

And my personal advice, albeit biased:  Provide 3M privacy screens to all employees who handle sensitive information, travel or work in remote locations.

Visual hacking is real. Admit it. At one time or another, you’ve glanced at the screen of the person next to you on an airplane. Thing is, others have done the same to you.

Still not convinced? Check out these related articles on visual hacking:

http://www.healthcareitnews.com/news/visual-hacking-bigger-threat-security-professionals-might-think

http://www.darkreading.com/vulnerabilities—threats/a-hidden-insider-threat-visual-hackers-/a/d-id/1323602

http://www.federaltimes.com/articles/new-breed-of-it-professional

Related Posts: The Seeds of Change – Food Thoughts from Food Systems Heroes The Value of DX in Product Development The Value of DX in Product Development Google Search is switching to a mobile-first index. 2017 Digital Trend Predictions The 2020 Health Care Provider Forecast: 6 Key Themes You Need to Know