What the Open-Plan Office Trend is Doing to IT Security
Across the country, cubicle walls are coming down as businesses seek to take advantage of the cost-saving benefits associated with open-plan offices. While employees have been very vocal in their collective disdain for the latest workplace trend, it doesn’t appear to be going anywhere soon. In fact, more than 75 percent of U.S. offices now feature an open plan, according to research by Milwaukee design firm Kahler Slater, which means many Americans have no choice but to learn to work in this new environment.
Employees aren’t the only ones complaining about this new layout, however. These new plans leave computer monitors unguarded, which is good for bosses who want to make sure employees aren’t spending all day on Facebook. It isn’t so good for enterprise data security, since screens are now easily accessible to fellow employees and workplace visitors.
Businesses spend a great deal of time and resources on ensuring their servers are secure without realizing their employees pose the biggest threat. Visual hacking occurs when a party is able to gain access to a user’s screen in person. The person doesn’t even have to be standing in a user’s office to see the information. It could be viewed through a window, from a hallway, or on a user’s laptop screen while working at a coffee shop.
An open-plan office presents a new challenge for employers, since the cubicle walls that once protected computer monitors are gone. In many cases, monitors can’t be positioned in a way that protects the information displayed on them from being viewed. Businesses should investigate and purchase top-quality privacy filters for their office desktops and laptops and position each monitor in a way that minimizes views.
For years, employees have gotten in the habit of posting passwords around their offices on sticky notes. In an open-plan office, even keeping this type of information under a keyboard or in a desk drawer can be dangerous. Those nearby could witness this behavior and wait until an opportune moment to access it.
Another danger in open-plan offices is that someone nearby will simply watch a person’s keystrokes to note his password. This is especially true of a system’s primary password, which a user generally enters every time he returns to his computer. Employees should be advised to be aware of those around them and refrain from entering passwords if someone’s watching.
While cubicle walls were always insufficient in shielding workers from each other’s phone conversations and in-office meetings, an open-plan office packs more workers into a smaller amount of space. This puts each conversation within earshot of at least a dozen people. Employees can easily overhear information that should have been kept private, whether that information belongs to a customer or co-worker.
To offset this risk, businesses should group employees together in a way that makes sense. A call center group that deals with customer payments could be situated toward the back of the office, with each employee understanding that anything they overhear is to be kept confidential. Many employers are also opting to include private areas for employees to have private conversations. Be sure these small offices include an office phone and make sure calls can be forwarded to that number if an employee finds confidential information must be discussed mid-call.
While offices have made great strides toward becoming completely digital, paper is still a large part of daily corporate life. An employee may deal with contracts, meeting notes, and other confidential information on paper, resulting in stacks of documents and file folders. In a closed office, this isn’t as much of a problem, since walls shield information throughout the day. In an open-plan office, however, it can invite theft.
In addition to putting documents at risk, an open-plan office can invite theft of personal property, including employee purses and wallets. To protect an employee’s personal belongings, lockable drawers should be available in each office. If an employee deals with documents that contain sensitive information, employers should mandate that those documents be stored safely away in a locked file cabinet when not supervised. If possible, consider switching to a document management system that allows these documents to be safely stored on a server, with all paperwork shredded once stored.
Open-plan offices have upped the risks for many businesses, but with a few security precautions, companies can mitigate risks. Employees should be trained in IT security for this new office environment to prevent putting customer and personal information at risk.