Interested in document security but not sure what kind of documents should protect? Find out more from this beginner's guide.
All documents aren’t created equally, as we know. Some documents are more valuable to your company than others. Some have information that you wouldn’t mind letting out into the “wild wild web”, and some have highly sensitive data and information that would be highly damaging if it was released into the wild.
What’s the worst that can happen?
We’ve dealt with hundreds of companies over the years, and one quick assessment of the value of the document and data contained within it is to imagine some scenarios that can, and do, occur.
1. Leaks and unauthorized sharing (intentional or otherwise)
- Documents are sent to the wrong “unauthorized” person by mistake, either via email or other means.
- Unsecured documents and data are found on a lost or stolen device.
- Documents are intentionally misdirected for malicious and/or fraudulent purposes – either for monetary gain, extortion, or to damage a company’s reputation.
- Documents and information are leaked by employees (or other “bad” actors) to the media, antagonists, or competitors.
- Poor security or infrastructure on protected networks have left documents and data vulnerable to unauthorized sharing.
2. Hacks and attacks
Most of us are under the impression that only very large companies are attractive to hackers, not so! As documents and data become more ubiquitous and accessible, hackers are finding small and medium sized companies (with their relatively few hardened security protocols) attractive targets. Hackers may probe your networks for vulnerabilities, and specifically target documents without wrap-around security, and documents in transit, synced to devices, in cloud-storage, or in unsecured emails.
The tools and trade of the hacker have become infinitely more sophisticated, and companies large and small must now be on the lookout for these kinds of threats, including:
- Database and network intrusions
- Permission theft, misuse and loss
- Communication intercept attacks like MITM and Relay attacks
- Denial/disruption of service attacks for blackmailing, or extortion purposes
3. Copyright or patent infringement/abuse
Companies go to a lot of trouble and expense to produce original works and this content is often patented or copyrighted to protect that original investment or any revenue streams that might be attached to it. If you have copyrighted material, this work can be:
- Copied or duplicated without permission.
- Modified or manipulated without authorization.
- Used in ways that were not the original intent or without proper authority.
Online pirates aren’t just interested in music, movies and stolen software. Your course material, eBooks, company data, Board minutes, research data, maps, specs and all manner of information can be just as valuable to someone else as it is to you. Your content can end up in illegal file sharing sites where over 90% of the material is copyrighted and should, by law, be protected.
What’s it worth?
When considering a document protection plan, determine whether or not your company has data, information or content that is “worth” protecting. Determine what the consequences to your business would be in terms of:
- Revenue - losses and damage that might occur now and in the future
- Reputation - trust and confidence in your brand
- Compliance, or non-compliance with regulations and privacy laws
This was an excerpt from our white paper: What Documents Need Protecting Most?