Have you ever been shoulder-surfed?
No. It is not a new water sport and if you have been shoulder-surfed, chances are that you didn’t even know it had happened.
Shoulder-surf is a term used to describe a situation when someone intentionally looks over your shoulder to read your phone, tablet or computer screen. The aim is to watch you enter sensitive information such as a username and password and usually happens in a crowded space such as the line at the ATM (as you enter your PIN) or on an airplane or when using a train or a bus.
Where is Visual Hacking possible?
Today’s trends are all about being flexible and being able to work at a “hot desk” and in relaxed open space offices. Working from coffee shops is also very common. Just take a quick walk around the office or the nearest WiFi enabled coffee shop and you will see screens everywhere. If you spent a bit of time, you will note exactly what’s on the screen, and if you snap a photo with a high-resolution cell phone camera, you will even be able to zoom into the screen and read the info.
The best opportunity to read confidential information is when sitting on a plane on the morning or late flight which is usually packed with businessmen and women heading to meetings. They usually make final changes to their presentations or notes and this is where anyone sitting around them have full view of their screen – and the confidential presentation they are about to present. I have seen information ranging from corporate year-end financial information to network diagrams to schematics of a “secret” storeroom.
How much of a problem is Visual Hacking?
Is “VERY” a technical term?
3M sponsored a Global Visual Hacking research by Ponemon Institute which was conducted in offices in China, France, Germany, India, Japan, South Korea and the United Kingdom. The aim of the experiment was to show how simple it was to capture sensitive company information through visual hacking.
The results of this experiment showed that:
- An undercover white hat hacker was able to visually hack information in 88% of the U.S trials.
- In nearly half of the U.S. trials an undercover visual hacker was able to capture information in 15 minutes or less.
- An undercover visual hacker in the U.S. saw an average of 5 pieces of sensitive information per trial, including corporate financials and confidential employee and customer information.
- The visual hacker was stopped in only 30% of attempts in the U.S. Meaning 70% of the time no one did anything to stop them
(get the Infographic here)
What can you do about Visual Hacking?
The 10th Annual Data Privacy Day is coming up on the 28th of January and this day is earmarked to raise awareness of privacy of information and data protection best practices. For this worthy cause I am working with 3M who designed the ideal solution for those who value their privacy but still want to be able to work in a public space – the 3M™ Privacy Filter.
The 3M™ Privacy Filter is a filter which is applied to your computer or mobile device and ensures that only you can see your screen and anyone who attempts to side-glance at your screen will only see a “black-out” view. If you have a touchscreen device, 3M has a touch screen version of the filter so you don’t lose that functionality.
5 Simple Tips to prevent Visual Hacking?
- If you are a mobile user who uses your phone, tablet or laptop outside of a secure office environment, then simply fit the 3M™ Privacy Filter.
- Ensure that your office computers have a screensaver that automatically starts after 1 minute or two of inactivity. This will ensure that no screen is left permanently on revealing the information on the screen.
- Ensure that public areas such as reception area, waiting room, coffee station and any places where people have an excuse to linger, are not facing any computer screens.
- In crowded spaces especially bus, train, plane, if you don’t have the 3M™ Privacy Filter you will need to keep your screen tilted down and away from people around you.
- Just like on a computer, ensure that your mobile phone and tablet have a screen timeout set to 1 minute so it switches off when not in use.
The reason visual hacking is should be a concern for you and your business is because it’s simple and anyone can do it without any tools and without leaving a trace. so technically, anyone could be a visual hacking spy….
feeling vulnerable yet ?
This is a sponsored conversation written by me on behalf of 3M. The opinions and text are all mine. @3Mscreens #privacymatters