Top Five mistakes businesses make when sending out confidential or sensitive information
Author: Jan Gunner at InvisiView Media
Last Updated: 4/25/2010 10:53:34 AM
Summary
According to a recent survey by InvisiView Media, although 98 per cent of employees believe it is vital to protect confidential information, more than half don’t take any security measures at all when sending data out externally.
Article
Allegedly we live in a security-conscious world, or at least one
that understands the potential risks of data interception or
intellectual property getting into the wrong hands, despite this it
seems that business are still taking unnecessary risks when it
comes to protecting their information. Is this really down to
sheer complacency or is there more to it?
Companies make many blunders when sending sensitive information
and here are just a few common scenarios:
1. PDFs are secure: converting documents into PDF
format and believing that this is adequate enough to protect the
information is a common scenario. PDF documents can be tampered
with by the end-user and it is not too complicated to modify them,
as there are many downloadable options easily accessible from the
Internet explaining the process for doing so. Signatures,
figures and confidential data can be changed and as a consequence
security risks to your data could be inevitable.
2. Email complacency: sending the
information in an email attachment. Today we are so
email-centric that we have an over-reliance of using email as a
trusted way of sending out information. Realistically most
businesses should be well aware that an email attachment alone
offers no protection for sensitive documents but there is a
tendency to feel over-comfortable that this is a safe environment.
In fact many people send email attachments without a second thought
and this is where the real problem lies - in human complacency.
3. Relying on human intervention: asking the recipient to delete
the information once it has been viewed. This is one of the
most common mistakes businesses make, but it is one of the most
vulnerable methods. Even if the recipient does remember to
delete your email (and there is a good chance that they won't),
they are even less likely to delete the item from their 'deleted
items' box straight away, which means the information is sat
in their deleted folder and is easily accessible. Whenever
you rely on human intervention there is always an increased risk of
it backfiring so it is worth being very wary of this risks
associated with this and wherever possible, avoid sending
confidential information using this tactic.
4. Assumption that data has arrived: One of the most overlooked
questions is - was the data actually received? Can you be sure the
data you sent was received by your the intended recipient? A common
scenario is assuming the data was received, reviewed or amended by
colleagues and clients, when it never actually arrived in the first
place, as there is no formal way of confirming this, other than
vocally.
Using inappropriate and easily intercepted methods: Using
methods such as fax or post increases the risk further of data
falling into the wrong hands. Since most fax machines (if
used at all nowadays) tend to be positioned in open spaces in
offices in full view of whoever happens to be nearby, they offer
little in the way of privacy or protection. This risk is
magnified in larger serviced offices where there may be other
businesses sharing the same space as you. Equally using the
good old fashioned postal service may be more than sufficient in
some cases, but also poses its own risks of interception.
In summary, if you need to send confidential information (which
inevitably you will at some point), it is worth using a method that
allows you to send the information in any format and in an isolated
fashion. Ensuring that the detail can be viewed as required but in
a controlled way that allows you to choose exactly who sees it,
what they can do with it and how long they can see it for is the
safest route to take. Having control over the possibility of
an external party editing, altering, printing or downloading your
information will also give you increase peace of mind as well as
reduce the risk of your data being manipulated.
About InvisiView Media
InvisiView is a cost-effective piece of sophisticated technology
that allows the sender of information to display confidential or
sensitive data (whether, text, video, image or sound) in a secure
format and then send it via a web link to the recipient for
viewing. Viewing information securely via the InvisiView
technology minimises the possibility of the recipient editing,
altering, printing, downloading or saving the information.
The software is easy to use and also allows the sender to
place time restraints on viewing the information to ensure that the
viewer can only see the information once for example, and/or in a
timed slide show or static window. The sender activates the
viewing process via invite codes which are created automatically
and is in complete control of the data they have sent.
InvisiView is suitable for anyone wanting to distribute
sensitive intellectual property or confidential data. The
technology is especially relevant to the pharmaceutical and medical
industry, musicians/ recording artists, advertising and PR
agencies, photographers, designers, estate agents, film producers
and the finance and banking sector.
For further information please visit: www.invisiviewmedia.com