The market for privacy filters is booming. Dave Williams, 3M Business Manager, UK Electronics Market, explains why this is good news for IT resellers
Let’s start with some questions: where are you reading this article?; can anyone view it over your shoulder?; and, while this article is obviously not sensitive data, what if it was?
Or, for a different viewpoint, have you ever been in a situation – in public or in the office – where you have inadvertently seen something interesting on a screen that was confidential or, at least, not for your eyes?
Imagine what a third party might be able to do with that information and it is easy to understand why there is growing concern about the risk posed by the use of screens in public or shared spaces.
Visual hacking is one of the fastest emerging areas of security prevention, and solutions to prevent it are something that technology resellers are increasingly adding to their product portfolios.
White hat hackers
Before we look at that opportunity, it makes sense to explain the visual hacking risk in more detail. A good starting point is a recent 3M-sponsored experiment by the Ponemon Institute, involving 157 ‘trials’ in a variety of organisations across eight countries in which ‘white hat’ hackers posing as temporary office workers with visible, valid security badges attempted to obtain sensitive or confidential data.
They tried to do this in three ways: by walking through the office looking for information on desks, monitor screens, printers, copiers and in other open locations; by taking a stack of business documents, labelled confidential, from a desk and placing it in a briefcase; and by using a smartphone to take images of paper or on-screen documents.
Sensitive content obtained during this experiment included personal IDs, customer and employee details, access and log-in credentials, classified documents, attorney client privilege material and financial and accounting information.
Worldwide, 91% of visual hacking attempts were successful. In approximately half of cases the material was taken in 15 minutes or less, and in only around one third of attempts was the ‘hacker’ challenged.
Over half (52%) of sensitive information obtained in the experiment was from electronic screens of one sort or another. The UK fared slightly better than some countries, with a success rate of just 44%, but that can hardly be considered a ‘good’ result
Not all departments were equally vulnerable. The office functions easiest to hack were sales, customer services and communications, followed by accounting and finance and human resources.
The most secure departments were Legal, closely followed by Quality Assurance and R&D, perhaps because personnel in these functions are more aware of the sensitive nature of the information they handle.
A growing risk
The growth of open-plan offices and mobile working has increased the risk of visual hacking, as today many people have a desktop monitor, a laptop, a tablet and a smartphone, creating four areas of security vulnerability.
There are, however, things businesses can do to reduce the risk, including clean desk policies; routine shredding of documents; the use of automated log-ins; and screen savers that activate after a short period of time. When visual privacy measures were put in place, the number of successful hacks dropped by 26%.
Employee education can also make a difference, by making staff aware that they have a responsibility to prevent their screens being viewed, for example by angling screens away from casual onlookers when working in a public place or an open plan office that visitors or contractors walk through on a regular basis.
A more robust solution
One drawback of these methods is that they rely on the user taking responsibility, which is why more organisations are adopting privacy filters as another line of defence.
A fast, simple and relatively economic way to immediately reduce the visual hacking risk, these film-based devices can be slipped on and off a variety of screens, ranging from desktop monitors to smartphones. When in place, they ensure that on-screen information can only be viewed at very close range and head on, effectively making screen content invisible to shoulder-surfers or people on either side.
For resellers, privacy filters are an easy addition to an existing security product or office accessories portfolio. Compared to security information and event management (SIEM) software, for example, installing a few hundred visual privacy filters is very straightforward. And demand is growing; over the last 12 months, the UK IT channel reseller market for 3M Privacy Filters has seen double-digit volume growth.
Visual hacking is just one element of a much bigger security picture, but since it is so simple for both users and resellers to implement, it surely makes sense for organisations to address this potential weakness before a hacker makes off with confidential or sensitive data.