One day last week, I happened to visit a lawyer’s office to consult on a business matter. Nothing was really out of the ordinary and the place was a typical small law firm with plenty of boxes and files piled around all the desks.
There was one thing a bit off. One of the young ladies in the reception area faced the exterior wall and her monitor was visible and readable to me as I stood there in the reception area. As I sat down and waited for my appointment, her monitor was still visible and very much readable.
Now it must have been lunch time because the young lady was surfing Facebook. But what if information governed by attorney/client privilege was on her screen? Or, confidential personal information about a client? All of the technical security solutions and investments would be of little value preventing such a breach, but the fix remains easy.
Most aspects of good security boil down to people, process, technology and environment. This example is a case of addressing the people aspect by awareness training, altering the environment by perhaps relocating the desk and screen, or even a simple technology fix such as an inexpensive screen filter.
How are your employees protecting your sensitive information?