3M is warning businesses of the dangers of visual hacking, following a recent experiment that demonstrated just how easy it is for intruders to steal information from offices in plain sight of employees.
In the experiment by Ponemon Institute for 3M, a white hat hacker posing as a contractor/part-time worker roamed the offices of eight US companies, attempting to obtain corporate data in full view of other office workers.
In 88% of instances, the hacker was able to steal corporate information, such as confidential/classified documents and employee login credentials, by reading or photographing data displayed on computer screens and by removing printed documents left on desks and printers.
Just over half (53%) of the sensitive information collected was read from unprotected computer screens, with the remainder (47%) coming from printed documents taken from desks (29%), printer bins (9%), copiers (6%) and fax machines (3%).
The easiest hunting grounds are open plan offices, where an average of 4.4 information types were visually hacked, compared to 3 information types in traditional cellular office layouts.
As organisations are unable to rely on employees to be vigilant – in 70% of incidences the hacker was not accosted even when using a smartphone to take a picture of someone’s screen – 3M is advising businesses to make better use of privacy controls, including privacy screen filters for desktop and mobile computers, password-protected screensavers, clean desk policies and shredding procedures.
To 3M’s list should be added secure print and follow me printing solutions, which can reduce the risk of visual hacking and save money by eliminating unnecessary printing.