Metadata misdemeanour: How to avoid the front page

metadata

Embarrassing and potentially harmful data leaks are a modern day PR nightmare, with the stakes higher than ever and the possibility of a scandalous news story hitting the front page.

The new French president Emmanuel Macron was the subject of a recent e-mail leak that was supposedly timed to coincide with the French general election. Over 9GB of data found its way into the hands of an anonymous 4Chan user who then posted it all online. Parts of the e-mails were apparently written in Russian and attempts of metadata removal were visible. Whilst this all sounds somewhat “cloak and dagger”, none of this particularly proves anything as the data was obtained using fake e-mail accounts and had been obtained illegally by hackers.

However, the timing and quantity of data obtained does prove that even seemingly secure organisations and modes of communication aren’t truly safe. Making sure you and your organisation are doing everything to secure valuable and vulnerable data is essential to the well-being and future of your company. Here are some secure ways to make sure you don’t end up on the front page.

Maintain clear communications boundaries

The emergence of the work from home employee, ’bring your own device’ (BYOD) schemes and remote working for field based employees has drastically changed the landscape of the work place and what it means to have a secure communications channel.

A simple way to combat this is to have a heavily secured closed-circuit authentication e-mail system that is regularly checked by your IT team for malicious content or vulnerable data, making sure that all employees who work for you use it routinely. You or your IT department will be able to ensure that this is covering all incoming and outgoing messaging.

Being able to regulate communications is less about ‘watching your employees’ and more about safeguarding careers and business reputation.

Install antivirus and malware software

Make sure all systems come complete with a thorough antivirus and malware defence system. This includes, BYOD, mobile devices, company owned laptops, desktops and cloud based systems. Protecting the information you store, transfer and create is a basic but an often under-funded business expense.

How often do you see systems using outdated anti-virus systems? Too often is the unfortunate answer. Taking the time to upgrade your company defences might seem like an unnecessary expense, but not if you weigh up what that security is worth to you and your clients in the event of a malicious hack or virus.

Metadata cleaning tools

Metadata is a sneaky one; as it hides in all your files, showing up when you least want it to, like the e-mails from En Marche! With Macron’s party the victim of a malicious e-mail hack, who’s to know which of the 9GB of leaked data is even real, but the consequences of the attack were potentially devastating for the campaign.

You can protect yourself and your business from this kind of embarrassment by investing in a metadata cleaning tool.  It is a piece of software that sits in your computer system that cleans files of metadata before transfer or e-mailing. Metadata can reveal the author of an article or contract, the location on a photograph, the dates, times and places the document has been opened or edited and by whom. Sometimes the ‘Track Changes’ and Comments options in Microsoft Word will show how a contract or deal changed or evolved throughout the negotiating process. This might not be information you want made public when negotiating a multimillion pound deal!

Guaranteeing that any file that leaves your business is clean and won’t disclose any information that it shouldn’t offers reassurance that is worth its weight in gold.

Consider Non-Disclosure Agreements

Non-Disclosure Agreements (NDA) are often used in legal and financial circles to protect client information or business deals whilst they are in progress. Though it might seem like an over-reaction or a lot of hassle, the ability to accurately pinpoint areas of information that are too sensitive to be leaked is invaluable. This will provide peace of mind to you, your clients and your employees. The employees’ need to sign one of these may not immediately seem to put their mind at ease but it really is in their best interests, often protecting them from uncomfortable conversations they would rather not have, providing clear structure to discussions between competing parties and backing up negotiations with the confidence of knowing the proceedings will go no further than those four walls.

Non-Disclosure Agreements should be drawn up by a legal professional, but once drafted can often be templated for future use.

These are a few simple options to help secure your business, find out more here, and plug data leaks which you might not have realised were even happening. Security, discretion and faith in your business are things you can’t buy from your clients, these steps might go some way to attaining that though.

Dean Sappey President and Co-founder, Docscorp