As a result of switching to remote work, the number of corporate data leaks through screen photos and screenshots has increased to 35% of their total number. It is impossible to completely protect oneself from such thefts, but developments are underway towards using video surveillance and individual marking of documents.
CROC and EveryTag conducted joint research on the most popular data leakage channels. They surveyed the experts from the financial, industrial, retail, and IT sectors.
The research showed that most of the leaks (35%) are accounted for photos and screenshots, and 13% of leaks are caused by insiders making physical copies of documents. In total, 30% of leaks occur through messengers, e-mail and social networks.
CROC specialists suppose that the transfer of physical copies of documents and their photographing have become noticeable leakage channels since the company switched to remote work. 76% of the surveyed organizations reported that they know about the leaks and try to investigate them, 21% of companies say that they are unable to identify the insiders, and 17% of companies confessed that they do not even track such incidents.
How data is leaked through photos
In addition, 48% of the surveyed are sure that the traditional data leaks prevention systems (DLP-systems) cannot protect the confidential data from being photographed and its physical copy from being transferred. For instance, insiders from a mining company where a DLP-system was installed, used Telegram channels to share documents disclosing the details of deposits exploration deals. The company explained that leakage simulation helped identify one of the key insiders. Rostelecom-Solar noted that in similar cases, different information mimicking critical is sent (or otherwise is made available) to different employees, the insider is identified depending on what specific information is leaked. In 2008, Elon Musk used this method to identify the source of insider leaks in Tesla Motors.
The increased number of leaks through photos was detected yet in 2019 when financial enterprises actively started to implement DLP systems. Some of DLP systems can connect to front-facing cameras on monitors and laptops and detect when screen is photographed. However, the system can be deceived by turning the web camera off or concealing the smartphone case.
How to prevent data leaks
Did you know that 9% of employees would like to sell your company’s confidential data? Good news are: you can identify the leaker.
In order to identify the insider among the employees, software for hidden document marking can be installed. It modifies every document copy for every user by changing the text in such a way that the human eye cannot see the difference.
We at NNTC currently offer our customers a G-71 solution that is based on LeaksID. This system finds and establishes the identity of the leaker using any piece of the document without fail.
LeaksID uses a patented algorithm that marks every file in a way that is invisible to the naked eye. Visually, the differences between the original and a copy are invisible: no watermarks, no visible markers. Users share documents and can read them easily.
The end-user receives a unique and marked copy of the document every time the document is opened, emailed, or printed out. These marks are impossible to remove.
In this manner, every person who works with the document knows that if data breaches occur, whoever is responsible for them will be identified – even if the size of the leaked fragment is extremely small. It works with the original document and even with its photographs, photocopies, printouts and any other “tricks” in an attempt to cover up the tracks. You can detect the source of a leak by uploading any piece of the document if you uncover it in the public domain or as a hard copy.
If you are interested in testing this solution, do not hesitate to contact us.
