Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Is the open floor plan trend a data security headache?

Larry Ponemon | Aug. 26, 2014
Open-office floor plans have become an increasingly popular option for businesses, but the risks they present may outweigh the benefits.

Dragon NaturallySpeaking 13 office man image
While this photo shows an office worker using a headset, the new version of Nuance's Dragon NaturallySpeaking supports built-in microphones on notebooks.. Credit: Nuance

Today, more and more businesses are foregoing the traditional design setup of cubicles and closed-off offices for an open floor plan. Companies like Facebook and Google market their open-office floor plans to potential employees, touting that the design allows workers to work closely together and fosters a culture of collaboration.

It's a trend that isn't going away anytime soon: according to the International Management Facility Association, 70 percent of American employees now work in open-office environments and Facebook is working on a Frank Gehry-designed expansion which will give the social network's Menlo Park headquarters the distinction of having the world's largest open-office floor plan when completed in Spring 2015.

One thing is for certain, having an open floor plan tips the balance between private and public and this shift majorly affects how proprietary and sensitive company information is protected. This raises the question: what data security threats does the open floor plan expose and how can security professionals manage this potential data security headache?

Threat of visual hacking
Visual hacking, or the act of viewing or capturing sensitive, confidential and private information for unauthorized use, is a major data security risk in the age of the open-office floor plan. With employees changing workspaces regularly, it is all too easy for vendors, third parties or even malicious workers to see confidential information or gain the credentials to penetrate further into the company's databases from a device screen or hard copy file. With Google glass and the high quality of smartphone cameras, covertly capturing images of data or credentials becomes an easy feat.

Potential solutions:  Data security and privacy teams should explore both company policies and physical solutions to combat visual hacking:  

  • Protect against visual hacking from virtually every angle by coupling traditional privacy filters with 3M ePrivacy Filter technology, a software that alerts users when an over-the-shoulder onlooker is behind them and blurs the screen when a user looks or walks away.
  • Encourage workers to be aware of their surroundings and angle device screens away from high-traffic areas.
  • Instruct workers that all computer monitors and device displays should be shut down and password protected when not in use.
  • Implement a clean desk policy and ensure that workers remove any files containing proprietary information that are in plain view immediately after use.

Lack of speech privacy
Just as the risk of employees seeing information that they shouldn't in the open floor plan office, so too exists the possibility of employees overhearing conversations they shouldn't.

 

1  2  Next Page 

Sign up for CIO Asia eNewsletters.