• Low-Tech Security Threats

    Mesh background pattern Mesh background pattern Mesh background pattern
    • While IT/Security teams pay much time and attention to high-tech data security threats, often times the methods that hackers use on a daily basis can be low tech and decidedly unexciting. Whether in the office or in public places, it is important to pinpoint these low-tech security threats and take the necessary steps to safeguard confidential company information.

      Use the below low-tech threat “hotspots” as a guide to tightening security defenses:

      Within the Office

      I. Desk Area


      • Computer Screen: Use a privacy filter to block proprietary information on the screen from being viewed by visual hackers or shoulder snoopers attempting to view you screen from the side.
      • Physical Documents: Remove any physical documents including company information from plain view before leaving the workspace. Place these items in a locked drawer or other secure area.
      • Trashcans: Do not dispose of important documents in personal trashcans. Utilize a shredder to dispose of
      • Passwords: Remove all passwords and login information from visible papers.
      • USB Drives: Remove USB drives from computers after use and store in a secure place.
      • Keys and Access Cards: Carry keys or access cards on your person at all times. Alternatively, place these items in a locked drawer or secure container.
      • Bags: Do not leave bags and briefcases unattended. If leaving the desk area, take these items with you or place them in a locked drawer or secure area.
      • Device Software: Equip computers, laptops and mobile devices with security software as recommended by IT/Security departments. Ensure that any and all updates to this software are made in a timely manner.

      II. Copy Area


      • Printer: Promptly remove all documents from the printer.
      • Copier: Do not leave the original document in the copier tray. Remove all copies from the machine.
      • Shredder: Review your company policies to determine what types of documents should be shredded.

      Common Area (i.e. Lounges, Meeting Rooms, Lunch Rooms)


      • Presentation Area: Close email and other important documents prior to sharing a screen on the projector.
      • Confidential Documents: Avoid accessing confidential documents on devices or reviewing physical documents in common areas. If the documents must be accessed, be aware of surroundings and potential privacy threats. Adjust where you are standing/seated and have your back angled toward a wall if possible.
      • On the Phone or In-Person Discussion: Do not discuss confidential information over the phone or with a colleague while in common areas.
      • Mobile Devices and Laptops: Use privacy filters on laptops and privacy screen protectors on mobile devices to block information on the screen from being viewed by visual hackers or shoulder surfers attempting to view you screen from the side.
      • White Boards: Erase all information off of white boards after meetings and brainstorms.

      III. In Public Areas


      • Mobile Devices and Laptops: Use privacy filters on laptops and privacy screen protectors on mobile devices to block information on the screen from being viewed by visual hackers or shoulder surfers attempting to view you screen from the side.
      • Confidential Documents: Avoid reviewing physical documents in public places. If the documents must be accessed, be aware of surroundings and potential privacy threats. Adjust where you are standing/seated and have your back angled toward a wall if possible.
      • On the Phone or In-Person Discussion: Do not discuss confidential information over the phone or with another person while in public places.
      • Leaving Items Unattended: Do not leave devices or confidential information unattended for any reason.
      • Personally Identifiable Information: When in public places, be aware of sharing any information that may be used to identify who you are or where you work. Simply knowing a worker’s name can give a hacker a foot in the door for a spear phishing attack.

      Legal Information:
      We are providing this information as a courtesy to you, free of charge. While we believe that this information is reliable, its accuracy or completeness is not guaranteed. Accordingly, the foregoing information is provided “AS-IS”. In providing this information, we make no warranties regarding particular product use or performance, including any implied warranty of merchantability or fitness for a particular use.