While malicious users are always on the minds of enterprise IT teams, employees who are sometimes just careless concerns IT teams as well. A recent spate of data leaks attributed to simple human error shows the critical role that data access plays in the protection of confidential corporate information.
Earlier this year, for example, Google blamed human error as the cause of a major data leak it experienced within its Local Business Center (since renamed Google Places). A Google customer that invested in a listing with the search giant found that information on their listing, the search terms people used before clicking it and other related data was sent to third parties. There was nothing malicious about the act; Google describes the incident as an employee simply copying and pasting the information from one template to an incorrect one.
But this does not nullify the damage done. If the information was sent to a competitor, for instance, Google's customer would have been put at a serious strategic disadvantage and would have likely cut its ties with the search giant. Mea culpas don't always work in the corporate world, as data leaks can fatally wound partnerships. Confidential files can be whisked around the globe in only a few clicks so it is imperative that enterprises safeguard their sensitive information from both malicious users and their own employees' carelessness.
Sterling-Hoffman's data security strategy
The central tenet of Sterling-Hoffman's data security strategy is that any measure that allows employees to visually recreate documents is useless. Whether it's copying information on the screen to another file or even snapping a photo using a camera phone, the battle is lost once malicious insiders have data on the screen. Despite this fact, enterprises cannot impose overly aggressive data protection policies because they then run the risk of inhibiting productivity, thus dulling their competitive edge. This is why we have implemented a comprehensive data security strategy that protects information at its source, as well as on primary communications channels, to prevent leaks.