Shoulder surfing is something that most people do every day in one way or another. Most of the time, this simple practice is done without the intention of stealing information. This practice can be used for malicious purposes however, so it is important to prevent unwanted parties from viewing confidential information or trade secrets displayed on your screen.
Shoulder surfing is actually a form of social engineering. It basically means an unauthorized third party is able to view a screen and any confidential data displayed on an electronic device. This privacy risk is common in public environments such as coffee shops or open office areas where co-workers, clients, and others can walk by a location where someone is working and their wandering eyes may able to see the private data on your screen.
Shoulder surfing risk can effectively be mitigated with simple, cost-efficient practices. One of easy way to counter shoulder surfing is to sit with your back to a wall. This way you are limiting other people’s ability to view your screen and data. You can also protect against shoulder surfing using a privacy screen for your computer. These inexpensive screens may however reduce your daily ease-of-use.
Also, shoulder surfing risk is not limited to public environments. Many times, attackers plan to gain visual access to a computer screen while an employee is unsuspecting and in their normal workplace. Visitors to a company, for instance, can easily glance at screens as they walk around and tour the company floor. The risk here is that many people believe they are safe from malicious intent at work, but vendors, onsite clients, other visitors, even co-workers should be considered possible privacy risks. Precautions against shoulder surfing to enhance security should always be practiced whether you are at work or in public environments.
Ultimately, employing these simple mitigation tactics we have shared can help reduce the likelihood of shoulder surfing affecting your business and may even end up preventing a costly security breach at your company and loss of trust from your customers.