The concept of information hygiene seems quite paradoxical. However, this phrase is not new, and the problem is acute. We all live in a world of severe information overload, where everyone has to process huge amounts of data on a daily basis. In doing so, a habit of constant awareness is formed, and can even develop into the urge to permanently stay tuned to the information flow.
Back in 1998 Linda Stone, an employee at Microsoft Research, came up with a definition of “continuous partial attention.” This refers to the process of paying simultaneous attention to a number of sources of incoming information, but at a superficial level.
Since then the problem has only become more serious because data flow density has increased. One of the main challenges for any business involved in information technologies is abundant “information noise,” i.e. unnecessary information that, tends to stick around in the mind. Concerning information in general, the main function of media is separating the wheat from the chaff and passing data in a structured form to the end user. However, mass media actually keeps contaminating the info sphere with garbage. A significant number of people are ready to consume it and believe that distraction from work helps them relax and makes it easier to focus on their main activities later on.
The actual situation is exactly the opposite. Employees in Europe and the United States waste up to 30% of their working time on “leisure” and personal issues. And the reasons for that are not just laziness and a poor organization of work, but also the continuous partial attention associated with the habit of consuming information indiscriminately.
In terms of information security, the concept of “information hygiene” acquires an additional meaning. A huge number of sites with trashy or entertainment content are hotbeds for malware, exploits and other threats. Social networks are among the most popular ways for cybercriminals to spread infection. Even sophisticated users regularly come across malicious links from their alleged friends (we will discuss this in detail in the next posting).
Hackers are actually interested in any popular sites, including news media. According to the survey, 37% of Europeans admitted to spending time on non-business issues and stated that they are predominantly interested in news sites.
Intruders are also interested in news media. No wonder the infamous Syrian Electronic Army attacked several sites of prominent mass media in the USA. There are grounds to believe that those “political” break-ins were covert operations smoke screening other actions, such as implementing hidden malicious codes, exploits or spyware. These suggestions have not yet been confirmed, though the potential threat should not be discarded since this opportunity was so tempting.
What conclusions are to be made from the above? First of all, employees that disregard “information hygiene” can pose real threats for businesses: firstly, they can cause a general decline of productivity due to partial attention; secondly, they pose a threat for potential danger coming from “entertainment” sites. The first problem can only be prevented by teaching people the basics of IT security in the workplace, so if they do waste their working time, at least they can avoid sites that spawn hordes of exploits in the corporate network.
And as for solving the second problem, there are tools that allow blocking malware, monitoring web traffic, cutting short any activity of exploits automatically and the like. If necessary, Kaspersky Endpoint Security for Business can also help you limit or simply deny access to certain web resources in the case the company’s management believes this will improve productivity.