October 06, 2015
A recent study has put the spotlight on ‘visual hacking’ – and visual hacking controls such as the Clean Desk Policy.
Visual hacking is when someone literally steals information visually – and it is an under-addressed threat in the workplace, according to the 3M Visual Hacking Experiment study conducted by the Ponemon Institute last year.
The study found that in nearly nine out of 10 tries, a ‘white hat hacker’ was able to visually steal sensitive information from the workplace.
A white hat hacker is a computer security expert that does penetration testing. For the study, he pretended to be a temporary or part-time worker and walked through offices of various companies looking for sensitive information to visually hack. He looked for information on desks, screens and other locations,used a smart phone to take pictures of confidential information displayed on computer screens, and took business documents labeled ‘confidential’.
As it turned out, unprotected devices provided the most information and while it was often just employee login credentials, “a hacker only needs one piece of valuable information to unlock a large-scale data breach,” said Larry Ponemon in an online story.
The study also identified effective visual hacking controls such as employee training, having a ‘suspicious reporting’ process, using privacy filters, and implementing a Clean Desk Policy.
What is a Clean Desk Policy?
It is a set of rules for the workplace that help protect confidential information. Here is a checklist of procedures that safeguard against visual hacking:
Find out why regular ‘spring cleaning’ of your document destruction policy makes sense all year around and learn how paper shredding services can help you maintain a clean desk policy.