14 Jan. 2011 | Comments (0)
“In a digital age, governments or private enterprises cannot count on privacy. Any digital information is discoverable whether by the deliberate action of people inside the enterprise, the hacking of people outside, or simple human error or system failure. Disclosure is almost inevitable because:Their recommendations for private enterprises are:
Additional technical or procedural measures may reduce future disclosures but cannot prevent them entirely. Conventional computer systems connected to the Internet will always be vulnerable to external attack. And the recent Stuxnet virus demonstrated that a determined and expert hacker can penetrate any computer system, even when it is supposedly protected by an "air gap" between it and the outside world. Governments officials who take heavy-handed steps to prevent further embarrassment may fuel the public's suspicions and motivate more leaks. Private enterprises that do not prepare for leaks may suffer significant commercial damage.”
- Material published on the Internet instantly reaches audiences around the globe.
- It can't be deleted.
- The sources who provided the information can be hidden.
- “Understand the risks associated with any assumption of privacy related to information and move toward an expectation that every action or decision will be recorded and could be made public.
- Use this WikiLeaks event as an opportunity to war-game with your business colleagues the impact that might be created by similar leaks from your own enterprise.
- Extend risk management strategies to include issues arising from the unplanned release of information. Take into account the extent to which such a release will affect the trust in, and reputation of, your enterprise.
- Consider pre-empting leaks by releasing more information yourself to increase your enterprise's transparency.
- If a leak of what you are discussing could cripple your enterprise, prevent any recording of it, including minutes typed on a computer.
- Train users on how to spot inflammatory content in e-mails and other documents.”