I wonder how many of you peered at another person’s phone or laptop screen whilst on the way to work this morning…
Standing within a shoulder to shoulder full train, you see one unwary traveller unknowingly or knowingly broadcasting the contents of their screen to the entire train carriage. I am talking about what some people now refer to as ‘visual hacking’ also known as ‘shoulder surfing’.
We all know how easy or tempting it is to peer into the life of another who so blatantly opens the window for you to see their every text, email or facebook post. Like a moth to light, our eyes are drawn to the white screen, helpless to the innocent hacking we conduct with each glancing look.
A study carried out by ‘The Ponemon Institute’, within ‘The Global Visual Hacking Experiment’ showed that it takes around 15 minutes or less for a visual hacker to obtain information from a work screen or mobile. This is almost a quarter of the 54 minutes the BBC found an average UK commuter takes to travel to work. Meaning, a visual hacker could obtain key information from your work laptop 4 times over in the time it takes you to get from your house to the office.
What’s even crazier is the study found that 68% of the time, the information breach went unnoticed or unchallenged.
So, what do you do?
At Invotra, we take security very seriously and like to instill a sense of awareness that contradicts the 68% you see above.
To do this, we have implemented an awareness scheme that ensures even the newest employee is watching their back on the train to work.
I am of course referring to ‘The Art of ‘Dishing’; a system that has been in place for over 5 years within the Invotra organisation.
A simple yet effective rule, held with the highest regard throughout our offices. Simply explained, ‘dishing’ is the process by which if an Invotra employee leaves their laptop open and unattended, like a sheep in the midst of wolves, it is a race between the ranks to see who else in the office can access the laptop first.
Once the attacker is sure the coast is clear, the objective begins and their mission to dish the laptop is underway. From here, the would be ‘hacker’ must navigate to Invotra’s internal intranet where they will post a message within a group.
To confirm, the would be security breach the words ‘dishes’ are written and posted for all of the company to see; and thus the breach complete. The hackers only remaining job is to slip off into the office space, unnoticed by the oblivious victim.
The results
Dishing is a humiliation that is recognised by all of the organisation. For a new recruit, the soon learned embarrassment forces quick adaptation. Even the Invotra board members are not safe, with even Christmas dinner dishes taking place in some instances; yes, even mobiles are not safe.
Since its inception, dishing has evolved to include a variety of security checks. No longer the rule by which a person who is dished must clean the dishes, we have a dishwasher for that now! Dishing has led to a highly increased awareness, ensuring that each and every employee is conscious of instances such as leaving the office back door open, leaving secure keys at home or forgetting office door passes.
To bring this back to my earlier points, Invotra instills a sense of security that is robust and acquainted to this new digital age and its security risks. Having instilled a system that is easy to understand and in some cases competitive, Invotra has ensured that all of its employees are security conscious to the dangers of not only visual hacking but a breach in security altogether.
From the standpoint of someone who came into the industry a ‘non techy’, I am proof and evidence that dishing works. Not only do I watch my shoulder when using my work laptop outside of the office, I even lock my laptop when leaving it unattended in my own empty house.
The subject is one that we sometimes joke about but with statistics like the ones shown earlier, it is key now more than ever before to also take a scheme like dishing very seriously. Not only to protect your data but that of an organisation and its clients/customers.
The Art of Dishing is something that works for Invotra, could it work for you?
For more information on The Global Visual Hacking Experiment, undertaken by The Ponemon Institute, and the other key findings that they found, please watch this video.
