Two-thirds of employees put sensitive data at risk when working outside the workplace, and some workers even expose highly regulated and confidential information such as customer credit card and Social Security numbers, according to a recent study.
Additionally, the majority of companies do not have policies or measures in place to protect sensitive information from computer screen snooping when employees are working in public places , according to The Visual Data Breach Risk Assessment Study, conducted by People Security and commissioned by 3M, the maker of privacy filters for computers and mobile devices.
The study included a survey of 800 working professionals and an experiment at a large IT conference where computer usage habits and data security choices were observed.
"With the rise in mobile workers carrying confidential data with them outside the office, snooping is no longer a harmless hobby and may represent a weak link in corporate data security practices," Hugh Thompson, chief security strategist of People Security, said in a statement.
Thompson said the latest smart phones now make it possible for a data thief to take a high-resolution picture of confidential information on a computer screen and retrieve data without having to hack into anything. He said the information revealed on mobile devices outside the workplace now gives a thief a window into a company’s most confidential data, greatly increasing the possibility of visual data breaches.
The study also examined how privacy concerns affect employee productivity when they work outside the office. Fifty-seven percent of workers surveyed said they’ve stopped working on their laptops in a public place because of privacy concerns and 80 percent thought that "prying eyes" posed at least some risk to their organizations, according to the study.
Key findings of the study include:
- Employees are exposing regulated customer information, as well as confidential corporate information outside the office. Two-thirds (67 percent) of the working professionals surveyed had worked outside their offices within the past year with some type of sensitive data, including highly sensitive information such as customer credit card numbers (26 percent), customer Social Security numbers (24 percent), patient medical information (15 percent) and internal corporate financial information (42 percent).
- Convenience is more important than privacy and security for employees working outside the office. One in four (26 percent) users said they accessed corporate e-mail on an unprotected network in a high-traffic public area; for example, an Internet kiosk at conference, even though many of them could have used more secure corporate laptops or smart phones. Additionally, although attendees who used the Internet kiosks had the choice of using a computer equipped with a privacy filter so other people couldn’t see the information they were accessing, the majority (65 percent) of kiosk users chose those without privacy filters.
- Seventy percent of working professionals said their companies had no explicit policies on working in public places and 79 percent reported that there were no company policies on the use of privacy filters to prevent visual data breaches.
- Protection against visual data breaches is the last security measure to be addressed by corporations. Data security practices such as VPN (virtual private network) access (46 percent), disk encryption software (38 percent), two-factor authentication (19 percent) were all more commonly used to protect against breaches compared to the use of privacy filters (13 percent).
- The threat of a visual data breach is growing. Fifty-five percent of working professionals said they worked on their laptops in high-traffic public areas at least one hour per week. And according to a recent survey, more than 60 percent of U.S. households have at least one camera phone, meaning users have the ability to capture images, including screen shots, further increasing the risk of visual data breaches.
- Fifty-seven percent of the working professionals said they have stopped working on their laptops in public places because of privacy concerns. And 70 percent said they would be more productive in public places if they thought no one else could see their screens.