Servertastic

UK £ US $ Euro

  • Home
    • About Servertastic
    • Servertastic Blog
  • Cyber Security
    • SiteLock Website Security
    • Vulnerability Scanning
  • SSL/TLS Certificates
    • SSL Certificate Comparison Chart
    • Sectigo Certificates
      • PositiveSSL DV
      • PositiveSSL DV Multi-Domain
      • PositiveSSL DV Wildcard
      • PositiveSSL EV
      • PositiveSSL EV Multi-Domain
      • Sectigo DV SSL
      • Sectigo SSL DV Multi-Domain
      • Sectigo DV SSL Wildcard
      • Sectigo OV SSL
      • Sectigo SSL OV Multi-Domain
      • Sectigo OV SSL Wildcard
      • Sectigo EV SSL
      • Sectigo SSL EV Multi-Domain
    • RapidSSL DV
      • RapidSSL Wildcard DV
    • Geotrust Certificates
      • QuickSSL Premium DV
      • True BusinessID EV
      • True BusinessID OV
    • DigiCert Products
      • Secure Site OV
      • Secure Site EV
      • Secure Site Pro OV
      • Secure Site Pro EV
      • Secure Site Wildcard OV
      • Norton Seal
    • Microsoft Exchange certificate
    • EV Certificates
    • Wildcard Certificates
    • DV Certificates
    • Validated Certificates
    • Multi Domain Certificates
      • True BusinessID OV Multi Domain
      • Sectigo SSL EV Multi-Domain
      • Sectigo SSL OV Multi-Domain
      • Sectigo SSL DV Multi-Domain
      • PositiveSSL EV Multi-Domain
      • PositiveSSL DV Multi-Domain
      • QuickSSL Premium DV
      • True BusinessID OV
      • True BusinessID EV
  • SmarterTools
    • SmarterMail
      • SmarterMail Upgrades
      • SmarterMail Maintenance and Support
      • SmarterMail Message Sniffer
      • SmarterMail ActiveSync
      • SmarterMail Exchange Web Services
    • SmarterStats
      • SmarterStats Upgrades
      • SmarterStats Maintenance and Support
    • SmarterTrack
      • SmarterTrack Upgrades
      • SmarterTrack Maintenance and Support
      • SmarterTrack Communicator
  • Account Login
  • Help
    • Read the Docs
    • FAQS
  • Contact
  • LOG OUT

Is your desk photo giving away important data?

21st April 2020

Home Office

With many of us making a hurried move to working from home due to the current Covid19 situation, social media has been flooded with people proudly posing on Zoom calls or showing off their new home office set-up. But what data risks do those pictures pose and what can you do to mitigate them?

As cyber security experts it’s unlikely you see a picture of our desks on LinkedIn, but as the trend for showing off how well you are working at home shows no signs of abating, here’s what we recommend you look out for in particular.

The risks of taking pictures at your desk - passwords

Is your wifi password stuck on your monitor or laptop? Do you keep the handy little card supplied with your router by your desk for ease of sharing with guests? Make sure it’s not in the picture or you risk exposing your home network to hacking.

And while we’re talking about home networks and hacking, best practise for working from home and keeping your data secure would require a separate network for your work laptop or PC to connect to. As this is largely impractical we recommend using a Virtual Private Network (a VPN) so that your data is kept on a separate, more secure network. It’s inexpensive, easy to set up and requires no advanced IT ability, but it will help keep your data secure.

What’s on your screen?

Open files, emails in your inbox or other things pinned to your desktop can all be visible when you take a quick snap of your desk. 

The cameras in the current generation of smart phones allow a serious amount of zooming in without losing quality, so anything that’s open on your laptop or PC becomes readable if you try, even though it looks small on your original picture. The same goes for family photos in the background, passwords or account details written on post-its on your desk, business cards or other information that you could have lying around.

In particular, apps that you use could have backdoors within them that hackers are aware of. Seeing them on your desktop could open you up to a targeted attack using known security flaws.

Another risk is showing the ID of the Zoom call you were on – you’ll find it in the top left-hand corner. If your meeting is a recurring one the ID will stay the same and as Zoom bombing is an increasing risk, letting others know your meeting IDs isn’t the best idea.

Zoom bombing

Say what?! Yep, Zoom bombing is the new name for people dropping into your Zoom calls uninvited​. It tends to happen when the call ID has been publicised, often within an event listing as so many people are trying to switch their in-person business models to online.

The result is someone taking over your Zoom call, potentially putting pornographic or other offensive material on the screen – even if you’ve turned off the option for others to screenshare – and malicious links being shared in the chat function which allow hackers to browse people’s systems while they pay attention to your training/meeting.

This kind of tactic tends to be more of a risk when there are many people on a call, not just a few colleagues who know one another, and Zoom has quickly rolled out some security changes to try to mitigate concerns. These include passwords now being required to join calls and a waiting room where people have to stay until the call host invites them into the call. These features were already available but have now been enabled as standard.

Zoom was designed as a consumer, not business, platform first and foremost, so ease of use is at its heart. Platforms designed this way tend to have to run to catch up on security issues, so consider using other options such as Microsoft Teams if you need a more secure environment.

Potential consequences of losing data by posting desk pictures

The risks you’re opening yourself up to range from having your data stolen up to allowing your clients’ data to be stolen – and the resulting issue of having to report this to the Information Commissioner’s Office, the embarrassment of letting your clients know and potentially facing a fine.

Your system could be hacked and used as a backdoor to get into your clients’ systems, or your data could be used to hold you to ransom.

Any of the potential consequences of losing data by posting a picture of your desk online could lead to a serious amount of costs being incurred to set things right. So the next time you want to show off your swish new desk/laptop/latest Zoom call, make sure you clear up the surrounding area to get rid of any risks – or better still, don’t post the picture!

Got a cyber security question? Get in touch and we’ll get back to you ASAP.

Filed Under: Cyber Security

  • Blog Home
  • Cyber Security Services
  • Contact Us

Recent Posts

  • Test and Trace privacy – your new obligations
  • Data and cyber security risks with the new Track & Trace system
  • Staying safe from fraud – Covid19
  • Is your desk photo giving away important data?
  • Cyber security when working from home – stay safe online

Cyber Security Services

  • Cyber Security
  • Cyber Essentials Certification
  • Cyber Security Awareness Training

Sectigo Products

  • PositiveSSL DV
  • PositiveSSL with EV
  • PositiveSSL DV Wildcard
  • Sectigo DV SSL
  • Sectigo DV SSL Wildcard
  • Sectigo OV SSL
  • Sectigo OV SSL Wildcard
  • Sectigo EV SSL
  • Sectigo SSL DV Multi-Domain
  • PositiveSSL DV Multi-Domain
  • Sectigo SSL OV Multi-Domain
  • PositiveSSL EV Multi-Domain

DigiCert Products

  • DigiCert Features
  • Secure Site OV
  • Secure Site EV
  • Secure Site Pro OV
  • Secure Site Pro EV
  • Secure Site OV Wildcard
  • Secure Site Pro Wildcard OV
  • Norton Seal

Geotrust Products

  • QuickSSL Premium DV
  • QuickSSL Premium Multi Domain
  • QuickSSL Premium Wildcard DV
  • True BusinessID OV
  • True BusinessID OV Multi Domain
  • True BusinessID EV
  • True BusinessID EV Multi Domain
  • True BusinessID OV Wildcard

RapidSSL Products

  • RapidSSL DV
  • RapidSSL Wildcard DV

SmarterTools Products

  • SmarterMail
  • SmarterStats
  • SmarterTrack

Support

  • Knowledge Base Home
  • Current System Status

Resellers

  • Reseller Program
  • Reseller Login
  • Reseller Sign-Up
  • Reseller Terms and Conditions

Social Media

  • Twitter
  • Facebook
  • Medium
  • LinkedIn

Legal

  • Terms and Conditions
  • Refund Policy
  • Privacy Policy
  • Reseller Terms and Conditions
  • VAT On Purchases

Servertastic Limited is registered in England and Wales.
Registered Company Number: 04982077
VAT Number: GB125485804

Hosted by LayerShift

 Mastercard Maestro Visa American Express
Diners Club JCB Discover Paypal
Sectigo Trust Seal
Reviews
Cyber Essentials