The Meridian Blog: Tech News, Tips & More for SMB and Enterprise Environments

Is Your Data Security Vulnerable to Low-Tech Hacking Techniques & Physical Security Flaws?

Robert Bruce

Posted by Robert Bruce
Wed, Sep 09, 2015

Malware_Threats_StatisticsHackers are constantly looking for system vulnerabilities in order to plant spyware, malware and ransomware on unsuspecting computers, thus allowing them to infiltrate networks and steal data. They spend considerable time and resources writing new virus codes that can sneak past firewalls and antivirus programs. In fact, it's estimated that about 10,000 new threats are discovered every hour, over 200,000 new malware definitions show up globally each day.

Fortunately, security firms have gotten very good at thwarting most cybercrime attempts. If — and it is a very big if — your firewall and antivirus software are constantly monitored and updated, and your organization adheres to some basic data security best practices, then the chances of getting your system compromised digitally via the Internet can be minimized.

RELATED: 5 Key Principles for Data Security

A far more likely way that crooks get their hands on proprietary data, even in today’s Digital Age, is by using very low tech analog techniques such as simply walking into an office or cubicle and physically stealing it. Read on to learn more about these common low-tech hacking techniques so that you can better protect your data.

Desk Security Often Overlooked

With all the time and energy devoted to securing our computers and virtual desktops, the actual desks in our offices or workspaces often get overlooked as a source of valuable protected information (PI). White hat hackers — as they are sometimes referred to — have a much higher success rate than their online counterparts.

In a research experiment conducted by the Ponemon Institute and sponsored by 3M and the Visual Privacy Advisory Council, researchers posing as legitimate workers were able to visually hack sensitive information, such as passwords and usernames. They simply walked through an office during work hours and used a variety of low tech methods. 

As they ostensibly performed work duties in the study office, researchers were able to take documents labeled as confidential from desktops, or in some cases, use a smartphone to take photos of data displayed on computer monitors. These thefts were done in full view of other office workers, and 70 percent of the time the visual hacker was not stopped by employees, even when using a smartphone to take a photo of data displayed on a screen.

Even when they were questioned by others, the faux thieves were still able to steal an average of 2.8 pieces of sensitive data. When they were not questioned, they obtained an average of 4.3 pieces of data.

RELATED: 5 Most Common Ways Hackers Use Social Networking for Cyber Attacks

The Human Factor

All the surveillance technology and firewalls in the world cannot help keep your data secure if lax office habits prevail. It would be like buying the best alarm system money can buy, and then simply leaving your keys in your car.

Although your IT department or your managed services provider (MSP) can set up and monitor a first class security system, it can be quickly negated by leaving your password on a sticky note taped to your monitor, or even hidden under your keyboard.

Data thieves have been known to impersonate service personnel such as janitors and maintenance men in order to gain entry to offices after working hours. Printer and network access cards left on a desktop are prime targets for data thieves.

Just some of the types of hard copy data often left on unattended desktops in plain view of prying eyes include:

  1. Contracts
  2. Day planners
  3. Business plans
  4. Client contracts with billing terms
  5. Financial statements

One of the first places that data thieves look for pieces of information are printer trays. There are simple technological ways to avoid leaving sensitive printed material in an output tray, such as using secure pull printing. With pull printing, users must be physically present at the printer to punch in a code, or use an access card, before their documents can be printed.

RELATED: Is Your Printer a Security Weak Link?

This greatly reduces the chances of sensitive documents sitting unattended in the output tray. Never the less, employees should always be on guard against visual hacking in the office. Remember to secure those access cards and sensitive documents — and, for goodness sake, ditch the sticky note method in favor of a more secure way to manage login credentials and passwords.

Always ensure that considerations regarding both virtual and physical security are included in your technology road map, which must be updated on a regular basis. To get started on your own technology road map, check out our free white paper, 4 Key Elements to Consider When Building Your Technology Road Map.

Need some help implementing data security best practices in your office? Contact us for a complimentary assessment and your customized action plan.

Click here to download our white paper: 4 key elements to consider when building your technology road map

Robert Bruce

Ready to Become a Pro?

 Our White Paper can help.

whitepaper-4-key-elements-for-building-your-technology-road-map-thumbnail-3Subscribe to our blog and get your copy of "4 Key Elements to Consider When Building Your Technology Road Map"

You'll learn:

  • What role people play in determining your road map
  • How to build a plan in a multi-device world
  • What types of applications need to be considered
  • How data plays a key role in success


Subscribe to get your copy

Leave A Comment

About this blog

News, best practices and more to help you get the most out of your office technology. Whether you're an SMB owner who wears a lot of hats, or an enterprise IT director, facilities manager or just someone who wants to work smarter — this blog has the resources you need to maximize the business impact of all your tech investments. Be sure to subscribe to receive email updates about new posts!

Download our eBook



Sort Posts by Topic

see all