3 dangerous risks of poorly managed document data

What are the risks associated with poorly managed document data and how can businesses avoid the dangerous consequences?

3 dangerous risks of poorly managed document data

Metadata is the digital paper trail between you and the people you communicate with and therefore contains information about your business and employees, or potentially information about clients and, for the journalists out there, your sources

Everyone has all done it. Opened a two-year-old template document, saved a new copy, edited the text and then saved it again for the rest of your team’s contributions, who each create their own version to be merged later.

It doesn’t take long for version control to go awry, resulting in documents in various stages of changes – both tracked and untracked.

Comparing and combining these documents into the most up to date, single version is a process that can take hours if not days, and all the while conceals hidden security risks that could compromise your business.

>See also: White blood cells: protecting data from the inside

These risks are in the form of metadata, which is captured in those document versions every time they change hands or go through edits. There are at least 20 types of metadata used by Microsoft Office, for example:

 Speaker notes
• Tracked changes
Hidden text, cells and fields
Comments
Email addresses
Names of contributors
Initials of contributors
Company names
Computers’ names on the network
The server or hard disk where the document is saved
Dates of revisions and different versions
Hyperlinks
Information about embedded and linked objects

The purpose of metadata is to categorise data to make it easier to find and interpret and, when used properly, it can be very helpful. If handled without care, others could exploit metadata to find information that could hurt your business, you, or anyone involved.

>See also: How to ensure that you are protected

In 2010, the Solicitors Journal published the results of a survey, claiming that 97% of law firms have no metadata management tools in place to safeguard the details stored in legal documents which are sent via mobile devices. Here are three ways that poorly managed metadata could hurt your business.

1. Leaking

Metadata is the digital paper trail between you and the people you communicate with and therefore contains information about your business and employees, or potentially information about clients and, for the journalists out there, your sources.

Documents sent via email or file sharing software can be intercepted and the sensitive information can be extracted. This makes metadata a powerful tool for hunting down whistle-blowers.

2. Hacking

Despite this technology existing, metadata leaks were a problem for users of 1Password (password management software) as recently as 2015, when users’ unencrypted names, email addresses, and login URLs were leaked (but not their passwords). This made users potentially more vulnerable to hacking attempts on their websites.

>See also: Data protection: businesses are spoilt for choice

3. Cyber-spying

Ever since telephone laws were established, communications metadata has been viewed as separate from the actual contents. The difference being that metadata is considered public information and the contents of communications is much harder to legally obtain.

But the metadata recorded by modern communications via the internet contain personal information that could be more useful to some people than the content of emails or calls.

In the US, the line between metadata and private communications is somewhat blurred by online interactions. This makes it easy for cyber-spying to occur, whether that’s by governments, private companies or individual members of the public.

What can you do?

Luckily, metadata removal technology now exists. By cleaning files before they’re sent via email, you can protect potentially sensitive information from becoming public. This can also be integrated with email systems and mobile devices to make metadata cleaning an automated part of the mail system.

In this day and age, protecting the information about your company, colleagues, sources and clients is vital for preventing the potentially malicious misuse of this metadata.

 

Sourced by Dean Sappey, president and co-founder of DocsCorp

Comments (0)