Facility Security, Part One: Visual Hacking

September 7, 2016

Business executives using computers in office

One of the more sinister and successful ways to steal sensitive information is also one of the easiest to carry out. It’s also an approach that remains fairly off the radar for most facilities managers: visual hacking, or basically, walking around and looking at documents and computer screens.

It may not seem like it but visual hacking can be a serious threat. 3M and Ponemon Institute recently conducted an extensive study on visual hacking in China, France, Germany, India, Japan, South Korea and the United Kingdom. The study found that hackers were able to capture sensitive information in 88% of visual hacking attempts.

In the study, 3M sent white hat hackers into companies in the guise of a temporary worker. The hackers then went around the companies—in full view of the employees—and did the following activities:

  • Scouting for information left out on desks
  • Observing computer screens
  • Observing printers and copy machines
  • Taking pictures of confidential information on computer screens with a smartphone

Based on the results, hackers were:

  • Successful 88% of the time,
  • Able to obtain sensitive information in 15 minutes or less,
  • Able to steal an average of five pieces of private information, and
  • Unchallenged by employees 70% of the time.

Places most at risk for visual hacking:

  • Shared workspaces
  • Open office floor plans
  • Cubicles with low walls
  • Reception and high-traffic areas

Of course, visual hacking is not limited to the office. Anytime you are using your computer or smartphone in a public space like a café or airport, you are potentially exposing sensitive information to others.

How to stop visual hacking
Take a walk around your facility and note how easy it is (or isn’t) to visually hack your employees’ computers and desks. If you feel that you have workstations that may be at risk for visual hacking, here are a few quick and easy solutions:

  • Privacy filters. These restrict your computer screen’s viewing angle to about a 60-degree angle. They are especially great for employees who frequently use their laptops on the road, and cost about $35 each.
  • Screensavers. These are included with every computer. For any high-risk computers, have employees set their screensavers to turn on one minute after disuse.
  • Limit visitor’s access. Don’t leave visitors unattended.
  • Limit visitor’s use of cell phones so they can’t take pictures of sensitive information.
  • Instruct employees on how to maintain a clean, organized space and how to best keep documents hidden from view.
  • Implement a document shredding policy to reduce the number of sensitive documents in circulation.

There’s no need to get paranoid about visual hacking. Everyone who walks into your office isn’t a thief. But it’s worth educating your employees that visual hacking is a potential threat, and one that can be largely prevented.

For help on making your facility a more secure environment, contact Vanguard Resources