During the past couple of years, the workplace has — by necessity — gone through a rapid period of change. During the pandemic, many employees discovered the benefits of working-from-home (WFH) or in other remote workspaces. Others want to be back in the office (whether some or all of the time). Regardless of personal preference, it has become clear that hybrid working models are here to stay. The future office is about people and their activities, rather than a place to go.
Our ever-increasing relationship and dependency on our computer or phone screens remain consistent across all locations. As well as ensuring a consistently high-quality experience in all work environments, there are some privacy and security issues to address. To understand those requirements better, it makes sense to start by looking at the changing workplace in more detail.
For instance, while offices will remain, some are being redesigned to include more collaborative spaces. This is due to businesses embracing that staff may want to perform solitary tasks such as responding to emails or writing reports from home. Yet, brainstorming and team-building may be preferable physically face-to-face. There is also a trend towards making these spaces more informal, even mimicking relaxed home décor.
Of course, people will still want places in the office for solitary tasks. There may be less emphasis on fixed assigned desks and, instead, more hot-desking, though that is likely to evolve too, for instance, to be pre-booked. Employees may work from home on certain days or divide the day between the office and home. Organisations may introduce rotas for when different individuals are in-person at the office to help manage total numbers on site.
There is also the growth of ‘third space working’, with cafés and other locations proactively encouraging people to treat these as temporary offices. A 2021* study by the Business School (formerly Cass), University of London and Goldsmiths, University of London found that flexible workers increasingly value these third space environments — pubs, coffee shops, bars — when working remotely. Benefits cited included providing isolated or lonely workers with the well-being benefits of having other people around them.
In addition, the use of co-location or shared offices is predicted to grow by $13.35 billion between 2021-2025, according to content from Research and Markets** published in September 2021. These professional spaces have the advantage of dedicated workplace facilities, such as good quality WiFi, printers and copiers, meeting rooms, secretarial services and even showers after a lunchtime visit to the gym.
Giving people more choice and flexibility around their work location is to be applauded, but certain privacy and security aspects can be harder to control. Organisations can no longer depend on the traditional ‘castle and moat’ approach to security, based on the assumption that most work would be carried out within a building. So, securing a hybrid workplace must be a priority for business. Plus, with screens increasingly used for work both inside and outside the traditional office, it’s not just digital data that has to be protected. Better visual privacy is a necessity too.
In these more flexible working environments, people will not always know who they are sitting next to, yet may need to access sensitive or confidential on-screen information (such as employee records, salary bonus details, business plans, company financial or legal records). Moreover, even if they do know the person beside them, that person may not be authorised to see the information displayed.
Viewing confidential or sensitive data on a screen — perhaps even using a smartphone’s camera to snap an image — could be exploited for malicious, illegal purposes, such as being sold to a third party, used for identity theft or to perpetrate a cyber-attack. While the number of security breaches attributable to visual hacking is impossible to know, the theory shows that it is a real risk. For instance, in 2016’s Global Hacking Experiment, ‘visual hacks’ were successful in an average of 91 per cent of attempts***.
However, many employees and businesses still do not seem to be taking sufficient measures to reduce the visual hacking risk. For instance, on behalf of 3M, The Ponemon Institute surveyed**** 1,181 business professionals and IT managers in 2021. Only 34 per cent of business managers reported that they could prevent others (including family and flatmates) from seeing their screens when working from home. This is no surprise, considering research by instantprint**** found that 44 per cent of people working from home use the living room, 17% the kitchen, 17% the hallway, all typically shared spaces if there are family or flatmates present. Only 16% had a dedicated home office. 16% use their bedroom or a spare bedroom.
Despite this lack of privacy, the 2021 Ponemon Institute survey also found that only 43 per cent of people interviewed expressed concern about displaying sensitive information on their screens when working remotely. Sixty-four per cent of IT security managers say that they are very concerned that prying eyes will see sensitive information on remote workers screens. Still, at the time of the survey, a mere 40 per cent of their organisations had increased privacy policies since more employees began working remotely.
The risk vector is not just at home. In the same survey, 55% of business managers did not protect their screens from prying eyes when working in an open space (such as a café). This is worrying, especially since 2016’s Public Spaces Survey******, also conducted by the Ponemon Institute for 3M, found that nine out of ten people questioned said they had caught someone looking at data on their laptops in public.
Apart from the security implications of visual hacking, visual privacy is explicit or implicit in some legislation, standards and industry guidelines. For example, the General Data Protection Regulation (GDPR) does not prescribe a set of specific actions but instead requires organisations to think about what compliance requires. Therefore, it is immaterial whether a breach is caused by digital or physical means. Visual privacy is often included within ISO27001 — the international standard for information security – compliance strategies.
The good news is that there are some simple, relatively inexpensive and highly- effective ways to improve visual privacy. Creating greater awareness of the risks of visual hacking and everyone’s responsibilities in its mitigation is a good starting point. Protecting screens with screen-savers and automatic log-ins after a period of inactivity are simple but efficient ways to reduce the amount of time a screen may be visible. Screens should also be angled away from the sight of passers-by.
Better still — especially for those situations where it is challenging to prevent screens from being viewed — privacy filters make all the difference to visual privacy. Screens are only viewable straight-on and within close range of the user: anyone else will see a blank black or gold display. This makes them ideal for hot-desking, third-place, or even home-working situations where there may be different people working (or studying) together with different permissions and tasks. Filters can be applied to monitors, laptops, tablets and even smartphones.
Our dependency on our screens — in the office, at home, or elsewhere — is likely only to continue. In some instances, -engagement with colleagues and customers has shrunk to the size of a screen. So, it is time to rethink the role of digital displays in protecting people and data in the world of hybrid working.
3M is a trademark of the 3M Company.
Link to 3M website for further information: https://www.3m.co.uk/3M/en_GB/privacy-protection-UK/products/privacy-filters/