What is shoulder surfing?
This social engineering technique can pose a major security risk, so here's how to best protect against it
With the UK's second lockdown coming to an end, we now have more flexibility in where we can work. While we've been confined to home offices for the past few months, it's likely that more will begin to work from coffee shops, shared workspaces or company offices.
As such, the device you use for said work will potentially be visible to others and the information on it more susceptible to 'shoulder surfing'.
This is a form of social engineering that is used to covertly obtain information such as passwords or identifiable data. The name may sound innocent, but it is anything but. A simple glance over the shoulder can be used to see the pin code of your main bank card. It can be used to spot the login details for an online service, and can even be used to get the details to access your the services your business uses.
Part of the problem with shoulder surfing is the amount of opportunity to do it. The mass adoption of internet-connected devices and remote software means most people are typing in passwords, saving information and reading important things on the go all the time. Commuting is rife for smartphone and laptop use. Even on the underground where there's no signal, people can work and use certain services. The person next to could be looking.
Thankfully, there are some ways you can minimise the risk and work, or play, in peace.
Tilt your device
If you are using a smartphone on a train or bus and feel the unwanted gaze of someone else over your shoulder, you can simply tilt the device away. Similarly, you can lower the phone and cut off the angle.
This tactic is a little more difficult with a tablet or laptop but does still work if it's the person sitting next to you having a snoop. With a laptop, you can always tilt the screen downwards slightly, which if anything will probably signal that you want privacy.
Block their view
This is a more aggressive method, but if you're looking at sensitive work documents on the go then that's your prerogative. You can use your free hand to cover the side of your smartphone that's been compromised.
If it's a laptop, hold an object up at the side of the screen, such as the case, or a book, or your bag and block off the vantage point. During the winter months, a big coat can come in handy.
Sit out of view
When working remotely in a coffee shop or a public place its best practice to find a seat against a wall to keep all those prying eyes in front of you and over the other side of your laptop screen. For an extra top tip, make sure the wall isn't all glass or mirrored.
This is not much help when commuting, although the back of the bus will also work if you want to hide what your Googling.
Work from home
If you've got dodgy Wi-Fi at home and have to work in a public place, then shoulder surfing is an occupational hazard. However, if you have a great home connection, use it. The best way to stop people snooping on your companies business is to keep it private, stay home, or actually go to work.
Simplify cluster security at scale
Centralised secrets management across hybrid, multi-cloud environmentsDownload now
And, also, If you're searching through social media in public and worry that people are snooping, you can always just switch it off and put your device away. Take the opportunity to be social in real life rather than online, or perhaps read a book on your commute instead.
Managing security risk and compliance in a challenging landscape
How key technology partners grow with your organisationDownload now
Evaluate your order-to-cash process
15 recommended metrics to benchmark your O2C operationsDownload now
AI 360: Hold, fold, or double down?
How AI can benefit your businessDownload now
Getting started with Azure Red Hat OpenShift
A developer’s guide to improving application building and deployment capabilitiesDownload now