Board member usage of company confidential material has been a hot topic in the news this month. A recent Bay Area incident involved allegations of intentional redistribution of sensitive information to unauthorized recipients. Even when there are highly trusted and ethical board members and employees, precautions are also important to protect against accidental redistribution of sensitive material.
With laptops being stolen out of houses, cars, offices, cafes, hotels, luggage, etc. – the value of the information on computers can be much more than the resale value of the hardware itself. Not only is protection of the information important while it’s being stored on a laptop – further safeguards should be in place to prevent unintentional redistribution of sensitive information beyond that device.
A common incident is when someone sends confidential information to the wrong person, say through a slip of the email address book and the handy auto-complete addressing feature. Let’s say you know two people with the same name. Do you always visually double-check the domain name to make sure you have the right one? Sometimes this means having to actually click on the name in the To: line to view the address, beyond just the name. Also important to know who is on what mailing lists, internally and externally. That’s a lot of extra effort required on every sensitive email message.
One way to provide added assurances against both intentional and accidental redistribution of sensitive information is to persistently protect the content itself – using enterprise rights management. This technology is independent of storage and transport, applying directly to the content itself. It can be used to restrict access to an electronic document, no matter where it ends up stored on a computer, transported in an email message, CD-ROM, or USB key – inside or outside the company. Enterprise Rights Management can further restrict printing, modifying, and copy/paste once the protected content is open. Expiration and revocation functions can request that access to a document be disabled at a specified time, or even immediately. Audit logs help track who did what to a document, or who tried to do something without permission.
Sensitive information can be protected with Adobe Acrobat on Windows and Mac. Recipients with the free Adobe Reader on Windows, Mac, or Linux can view the PDFs – protected with LiveCycle Policy Server. Support for native Office and CAD documents is available this Fall.