3M Study: Visual Privacy Is The Weakest Link
Visual Data Breach Risk Assessment Study also found the majority of companies do not have policies or measures in place to protect sensitive information
February 24, 2011
PRESS RELEASE
ST. PAUL, MINN. (February 14, 2011) – A new study conducted by People Security and commissioned by 3M, the maker of privacy filters for computers and mobile devices, reveals two thirds of employees expose sensitive data outside the workplace – some even exposing highly regulated and confidential information such as customer credit card and social security numbers. The Visual Data Breach Risk Assessment Study also found the majority of companies do not have policies or measures in place to protect sensitive information from computer screen snooping when employees are working in public places.
During RSA, key findings from the Visual Data Breach Risk Assessment Study will be available at Booth 959 in the Expo Center, along with additional materials from 3M Privacy Filters.
“With the rise in mobile workers carrying confidential data with them outside the office, snooping is no longer a harmless hobby and may represent a weak link in corporate data security practices,” says Dr. Hugh Thompson, Chief Security Strategist of People Security. “Today’s latest smart phones now make it possible for a data thief to take a high-resolution picture of confidential information on a computer screen and retrieve readable data without any hacking necessary. Information revealed on mobile devices outside the workplace now creates a window into a corporation’s most confidential data – whether it is regulated or simply company secrets – and significantly raises the threat level of visual data breaches.”
“Companies know they need to protect confidential information, but the threat of a visual data breach has historically been low on the priority list,” said John Stoxen, 3M Director of Business Conduct and Compliance. “This study should convince companies to reassess their data security policies and tools to determine how to better protect against visual data breaches when employees are working outside the office. At 3M, we address the risk of visual privacy in our Electronic Resources policy by requiring employees to take appropriate measures to protect 3M confidential information in public
places by using privacy filters.”
The study included a survey of 800 working professionals1 and an experiment at a large IT conference where attendee computer usage habits and data security choices were observed2. The following key findings and implications outline some of the highlights from the whitepaper.
Key Study Findings:
• Employees Putting Information at Risk of Visual Breach
o The study revealed that two-thirds (67%) of working professionals surveyed had worked with some type of sensitive data outside the trusted confines of the office within the past year, including highly sensitive information such as customer credit card numbers (26%), customer social security numbers (24%), patient medical information (15%) and internal corporate financial information (42%).
• Smart Phone Camera New Tool for Data Thieves
o Fifty-five percent of working professionals surveyed worked on their laptop in a high traffic public area at least 1 hour per week. IT analyst firm IDC estimates that nearly 73 percent of the US workforce has some level of mobility3, and by 2013 this number will increase to more than 75 percent. Many of these workers will access corporate email/data in public areas through laptops and smart phones and the rise in quality smart phone cameras now makes it possible for a data thief to capture readable information as it is displayed on screen. Since the pictures can now be preserved for future use this increases the risk of a visual data breach.
• Visual Privacy Under-Addressed by Corporate Policy
o There is a significant gap between risk and corporate policy to prevent visual data breaches.
Seventy percent of working professionals surveyed said their company had no explicit policy on working in public places and 79 percent reported no company policy on the use of privacy filters to prevent visual data breaches.
• Employees Value Convenience Over Privacy.
o Eighty percent of working professionals surveyed thought that prying eyes posed a risk to their companies. Yet a majority (65%) of kiosk users chose one without a privacy filter.
These findings illustrate that some employees are careless with corporate data by choosing convenience over security.
• Protection against visual data breaches last to be addressed by corporations.
o Data security practices such as VPN access (46%), disk encryption software (38%) twofactor authentication (19%) were all more commonly used to protect against breaches compared to the use of privacy filters (13%).
• Opportunity to Increase Productivity.
o Fifty-seven percent of working professionals surveyed said they have stopped working on their laptops because of privacy concerns in a public place and 70 percent said they would be more productive in public places if they thought no one else could see their screen. By addressing the issue of visual privacy in corporate policies, as well as giving employees the necessary tools to protect the data they are accessing in public, companies can make their mobile workforce even more productive when working outside the office.
For more information or to download the study whitepaper, go to http://www.3MPrivacyFilters.com/whitepapers.
You May Also Like
The State of Attack Surface Management (ASM), Featuring Forrester
Nov 15, 2024Applying the Principle of Least Privilege to the Cloud
Nov 18, 2024The Right Way to Use Artificial Intelligence and Machine Learning in Incident Response
Nov 20, 2024Safeguarding GitHub Data to Fuel Web Innovation
Nov 21, 2024