
Visual hacking – the scale of the risk and how to manage it

July 2019 by 3M

3M recently announced the results of its Global Visual Hacking Study (1000 business travellers, including in the UK): 8 out of 10 of them consider visual hacking a threat, with the majority believing that it is the cause of a third of data breaches, yet over ¾ admit to displaying company information on their screens in planes or trains (2/3 when on buses or the underground). 2/3 also say that they have found someone looking at their screens.

This is the latest in a series of studies over the years that underline how big a risk visual privacy is, and while many organizations and industry bodies are taking steps, it still receives less focus than more ‘digital’ security threats. In the Global Visual Hacking Experiment carried out by the Ponemon Institute, visual hacking attempts by a white-hat hacker were successful in an average of 91 per cent of attempts worldwide (only slightly lower in the UK at 87 per cent).

As well as being part of GDPR compliance, visual privacy is being mandated or included within a variety of industry guidelines, including those of the Law Society, the Bar Council, the FCA, the UK schools examination authority, and government bodies including the Security Framework Policy, the DWP and the Foreign and Commonwealth Office.

As well as highlighting the risk of visual hacking, 3M can also provide ‘best practice’ advice on how organisations and individual employees can better protect themselves against the risk of ‘visual hacking’, including:
 Keep it clean – encourage staff to clear their desks at the end of the day and lock away any document deemed sensitive or confidential. Check the mailroom and printer trays to make sure documents are not being left in full view
 Close it down – screensavers and log-ins after a few minutes may seem ‘old school’, but they are a very effective and simple way to reduce the time a screen is exposed to prying eyes. This applies to mobile devices too
 Shred it – instigate shredding of documents as a routine practice and discourage unnecessary printing or copying of documents
 Top-down – visual privacy policies are more likely to be followed if they are mandated at management level. Some private and public sector organisations are mandating the prevention of visual hacking as part of their ISO27001 processes
 Everyone is responsible – educate staff about their own role in ensuring visual privacy, particularly in open plan or public spaces
 Angle away from prying eyes – a very simple step is to make sure that a screen is angled so that it cannot be viewed, for instance by the user sitting with their back to a café wall, rather than in full view of the coffee counter queue
 Use privacy filters – these can be easily slipped on and off screens of all kinds and prevent on-screen data from being viewable except straight on and at close range. So, someone taking a sideways glance or standing several feet behind the screen will see just a blank image

Top tips for staying safe when travelling, from 3M (these points can all be expanded upon)

With the holiday season upon us, many business people will still be checking work emails and the like while spending time with their families and friends, or while travelling. It’s a time when people may be at risk of dropping their guard, so 3M has some advice to help business travellers keep safe.

Be aware – don’t be tempted to take risks. When we are travelling, we may be more tired, and if on holiday, hopefully more relaxed, than usual – unfortunately, crooks can take advantage of that mindset. If you’re checking business communications and content, you need to protect yourself, your colleagues and customers, even when on ‘downtime’.

Network-savvy – don’t connect to public WiFi networks or public recharging stations (eg those found at airports). Turn off unnecessary WiFi and Bluetooth settings to avoid thieves with mobile scanners.

Be prepared – store stuff in the cloud rather than carrying it with you, use a password management tool and the built-in password protection options provided as standard (eg those found in Microsoft Office), and carry out software updates before you go (out of date software is often more vulnerable to hacking).

Surf safely – HTTPS sites are encrypted and so are theoretically safer than HTTP ones. Never open a suspicious looking email or message from someone you don’t know (we would never do this at home, but when travelling and tired, our guard may be down).

Don’t advertise your holiday – post photos of having a great time when you get back, rather than announcing to burglars that you’re away from home.

Get physical – make sure hand luggage is secure. Should a laptop or phone be stolen, it is a good idea to have a note of who to contact to cancel any subscriptions and other sensitive data.

Prying eyes – if working on a train, aeroplane or in another public place is unavoidable, make sure that screens are not easy to view. ‘Visual hacking’ has been shown to be very easy and fast to achieve. Use screensavers, angle screens away from prying eyes, and invest in privacy filters.

