January 3, 2007

By Ron Woerner

Are you watching what you are telling your neighbors?  Do you guard information in your care to make sure only those people with a need to know can see it? Hopefully, you’re not accidentally letting any secrets slip.  It could be disastrous if confidential information got out to your competitors.  It could hurt your sales, your stock price and your reputation.

It happens in a variety of ways: accidental disclosure, carelessness in storage and protection, and corporate espionage.  Many times, it happens because people are not always conscious about how they handle sensitive information.  Employees are often the greatest threat in the compromise of sensitive information.

Following the simple steps below will help assure your ship is not sunk by loose lips:

1.    Know your information.  Is the information you handle sensitive or confidential?  What would be the damage if it gets out to the public or one of our competitors?
2.    Label sensitive, proprietary or confidential information as such.  You may know that the information is sensitive, but do your co-workers?  This is solved by labeling the document or data source as confidential.
3.    Stop and think before doing anything with the information.  You should be conscious on how you use the information and where you store it. Don’t share it with someone who doesn’t need to know.
4.    Protect sensitive, proprietary or confidential information.  This is a separate article by itself. In general here are some things you can do:
•    Place it in a secure location (not the public folder or even your laptop hard drive).
•    Better yet, don’t store a copy outside of a protected area.  Your PCs hard drives are neither secure nor protected.  If you don’t need a copy of a document, then don’t keep it on your computer.
•    Don’t send it to an outside email address unless absolutely necessary.
•    Encrypt it.
•    Remove any extra copies of sensitive documents.  Maintain originals in a secure location and get rid of all other copies.
5.    Ask for help.  Work with your security department.  If you are the security department, ask for help from others.
6.    Be on the lookout.  Inform security if you find sensitive information that you shouldn’t be able to see.  It’s not to get someone else in trouble, but to protect your company.  Security should collaborate with the originator to ensure its proper protection.

By working together, we all become stronger.

About the Author Guest Blogger

{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}

Don't know where to start?

Check out Security Catalyst Office Hours to meet your peers and celebrate the good, help each other, and figure out your best next step. We meet each Friday… and it’s free to attend.