Who’s looking over your shoulder?

By: Carlos Morales -

I spent a lot of time over the past few years on airplanes and one thing I’ve noticed is that laptop LCD technology has come a long way. If I wanted to, I could watch movies on someone else’s computer from as many as five rows away. The displays are large and clear and they can be viewed from most angles clearly. The stuff showing on neighbor’s laptops is usually much clearer than the drop down displays on the planes themselves.

Movies, however, are not that big of a concern. Information is. What people usually do with a laptop on an airplane is work. Email. Presentations. Documents. It’s a great time to catch up and work without interruptions. I do it all the time. But I often wonder just who is sitting behind me looking over my shoulder… I’m sure that most people don’t consciously try to look over people’s shoulders on planes to steel information but with the big laptop screens blaring and a natural tendency for eyes to look for whatever entertainment they can find, it sometimes can’t be helped. And this is assuming that the person behind you doesn’t have malicious intent. It generally doesn’t take careful study of a Powerpoint slide to figure out what the message is, who the presenter is, and what company they work for.

Companies spend a lot of time and effort in locking down their facilities to outside access, locking down the network and locking down individual computers on the network. All of this is in an effort to maintain integrity of data within the network and protect against threats to that data or the infrastructure that carries it. In one short flight, someone sitting behind an executive of your company may have gotten a full view of board of director slides, sales/marketing strategies, potential M&A information, or an email outlining the affair that the CEO of your company had with the VP of Finance (none of these examples reflect real events). Clearly damaging information could make its way into the wrong hands if left out in the open.

This is just one small aspect to the bigger problem of social engineering but one that can be readily addressed or at least made more difficult for the miscreants of the world. Education, as always, is important. It may seem like common sense but emphasizing to employees with access to critical data that said data shouldn’t be displayed in public environments is a good start. A person who realizes they shouldn’t talk to a colleague about a company secret from fear of being overheard will sometimes fail to realize that writing about the same secret on a laptop may be displaying the information to your competitor’s marketing director sitting 2 rows back across the aisle.

Another easy to implement countermeasure is privacy protectors for laptops. You put these over your screen and it will allow you to see the screen clearly but anyone looking in at an angle sees only blank screens. You can get these for less than $100 according to a quick google search. I would submit that there is incredible ROI in preserving company information for companies to invest in these for at least their management teams.

Comments

  1. 3M gives laptop ‘privacy’ screens for less than 30 bucks :-)