From publicly disclosed incidents, we know that more than 8.5 billion records were leaked or compromised in 2019.¹ Following the COVID-19 pandemic, monetary losses due to data breaches have continued to pile up. In 2021, the FBI’s Internet Crime Complaint Center (IC3) received 847,376 reported complaints (up 7% from 2020) with potential losses exceeding $6.9 billion.² According to a 2022 report, 83% of organizations studied have had more than one data breach.³
The stakes have been raised, and the challenges faced by information security teams and their IT counterparts have never been greater. While we monitor networks, reinforce firewalls and install patches, we often overlook another critical vulnerability, one that is literally staring us in the face: the sensitive information displayed on our computer screens.
Sooner or later, all data becomes visual – and susceptible to visual hacking.
“Protecting the company’s assets is a role that everyone in the organization needs to play. Security is the responsibility of all employees.”
—Michael Musto, former Deputy Chief Information Security Officer, 3M
The next time you attend a conference or event, look around and note the amount of exposed data displayed on phones and laptops. Anyone wandering by could snap a picture of a screen displaying sensitive information. It can happen in the blink of an eye.
In a visual hacking experiment sponsored by 3M, a white hat researcher walking through an office successfully obtained sensitive data 91% of the time.⁴ While electronic breaches typically leave a data trail for forensics investigators to follow, visual hacks leave no such trace.
A 2022 study found that 82% of data security breaches involved “the human element” in some way: stolen credentials, misuse of organizational resources or simple human error.⁵ Exposed screens are a major way the human element can cause breaches. Consider the people who may walk through your office: visitors, contractors, delivery persons and employees from different departments. What can they see? What is that information worth? What are your employees doing to protect their onscreen data?
A simple step toward keeping visual data private.
A 3M™ Privacy Filter attaches to a display and gives the intended user a clear view of their screen while blocking side views. Even someone sitting next to them won’t be able to read their data.
"Visual hacking presents a unique challenge that cannot be solved through digital technologies. There are limited solutions protecting our privacy against this threat.”
—Michael Musto
Screen privacy has always been a key part of effective data security. Over a decade ago, much of the workforce switched from desktop computers to laptops and other portable devices. But following the COVID-19 pandemic and global shift to remote work, the risks of visual hacking have risen significantly. Sensitive data is now displayed on various devices in all kinds of public spaces: cafés, hotel lobbies, airport terminals and even the cramped middle seat of an airplane, with prying eyes just inches away.
Screen privacy filters have become not just an accessory but a necessity for an organization’s comprehensive IT data protection plan. No matter where work is done, you can help your employees safeguard intellectual property, trade secrets, communications and customer information on their screens.
Michael Musto, former 3M Deputy Chief Information Security Officer, has discussed data protection in depth with his counterparts at other companies. He observed that “they, like us, are overwhelmed with electronic security measures; let alone having bandwidth to take on the physical security measures of privacy screens.” He added that “the attacks are relentless, and the threats are always changing.”
An easy-to-use solution
3M™ Privacy Filters can help IT managers and their employees safeguard intellectual property, trade secrets, communications and customer information on their screens in an everchanging workplace. 3M™ Bright Screen Privacy Filters, for example, can be attached to laptops to help block visual hackers while providing 85% light transmission for intended users. This makes them 25% brighter than competing black privacy filters. In the office, at home or anywhere else employees work, privacy screens from 3M can help them effortlessly protect the information on your organization’s screens.
“The new norm of working from anywhere requires us to be smarter than our adversaries.”
—Michael Musto
Implementing consistent and proper usage of privacy filters across a large workforce is challenging. Even a leader in screen privacy solutions like 3M sometimes struggles to get employees to use their privacy filters.
Writing mandatory usage into your company’s information security policy is a key first step. But cultivating the habit of using privacy filters is a constant effort for both you and your employees. To encourage usage, privacy filters must:
When ease of use isn’t enough, incentives can help. According to Ed Nelson, 3M Global PC Hardware Lead, “In an initial rollout, you could have a ‘Spot: Reward’ campaign – get caught using your privacy filter and get a discount coupon for the company cafeteria.” Ed believes that, given the opportunity, all employees would like to contribute to the good reputation and financial stability of their organization. This can be a powerful motivator for your staff.
The modern office workspace is evolving, with cubicle walls shrinking and open office environments growing more popular. Many conference rooms are built with expansive glass windows, exposing large format monitors to visual hackers down the hall or even outside on the street. A company may discover too late that an early earnings report, meant for the C-suite, became the talk of Wall Street after an inquisitive visitor wandered by.
IT managers and information security officers can find solutions together. Walk through your building and notice what can be seen on screens, especially in high traffic areas. Organizations that frequently display and collect client data – hospitals, airport terminals, even coffee shops – must be extra vigilant in shielding personal and financial information on their screens.
Illustration of multi-level open office space with 14 silhouetted workers seated in waiting areas, at long tables, in offices and cubicles with short walls. Some are standing. Image labels are: open office floor plans, open cubicles, offices near windows, shared workspaces and high traffic areas.
What we learn from newsworthy data breaches is that we need to be vigilant and help protect our valuable data both electronically and physically. At 3M, IT hardware managers like Ed Nelson can and do assist in these initiatives. Their efforts help deter hackers, address insider threats and avoid mobile-related leaks, helping prevent the unauthorized use of company information and saving significant costs of potential damage.
3M Global PC Hardware Lead
Ed Nelson has served in information security, project management and hardware procurement at 3M. In his current role, he tests and evaluates PC’s, monitors and accessories for all global employees. Prior to this, he worked in endpoint security as the LANDESK administrator for global patch management where he maintained a 95% deployment rate of workstation patches within two weeks of patch release. Ed regards 3M employees as clients and strives to provide high-performance computing tools that will support productivity while keeping valuable company data secure.
Former Deputy Chief Information Security Officer, 3M
Michael Musto has over 38 years of experience spanning roles in information technology, product development and cybersecurity for companies in high tech manufacturing, financial services, insurance and technology as a service industries. In his role at 3M as the Deputy Chief Information Security Officer, he had responsibility for cybersecurity architecture, mergers and acquisitions, and supports R&D and Manufacturing 4.0. Mike credited his success to developing strong relationships with key stakeholders in an organization and external partnerships to enable business decisions and strategy.
Have a question about our products? Need help finding the right-size or type? We’re here to help.
¹“X-Force Threat Intelligence Index.” IBM. 2020 (PDF, 1.28 MB).
²“Internet Crime Report 2021.” FBI Internet Crime Complaint Center. 2021.
³“Cost of a Data Breach Report.” Sponsored, analyzed and published by IBM Security® and conducted independently by Ponemon Institute. 2022.
⁴“Global Visual Hacking Experiment.” Sponsored by 3M Company and independently conducted by Ponemon Institute. 2016 (PDF, 133.66 KB).
⁵“Data Breach Investigations Report.” Verizon. 2022.
⁶ Public Spaces Interview Study.” Sponsored by 3M and independently conducted by Ponemon Institute. 2017.