Odds are, files and documents in your organization are not sitting in a folder on a desk or in a filing cabinet in the office. On the contrary, they are sitting on the cloud or computer desktop, and they are being transferred over email. The convenience of sending documents quickly with a few clicks has transformed the speed of business. But, like all things digital, convenience comes with risks. The data in the background of documents created in applications such as Word or Excel, or even an account number buried within a PDF or screenshot can unintentionally give away sensitive information.
The Problem with Hidden Data
Document Recycling: Edit, Save, Repeat
Document properties and edit history are examples of hidden data inside a document that can create havoc on an organization. Say for example, a bank associate uses the same Word document to summarize a loan for a customer. Rather than start from scratch each time, they simply open the document listed as “Smith Quote” and change it to “Jones Quote.” Now that the document is saved as a different document, they fill in new percentages and currency amounts. They send it over to the customer in an email.
Customer Jones reviews the document and decides to look at the document history. The edits show that customer Smith received a much lower percentage rate on a loan. Suddenly the bank associate may have some more explaining to do.
Reusing a document is a common practice as starting a new document takes more time and brings the added risk of forgetting important details. While seemingly innocent, even the simplest information can cause unwanted exposure.
Even sending Excel documents before removing hidden cells or information can cause many problems for an organization with unintended exposure of sensitive information.
Concealing Credentials
A document can be a treasure-trove of information within the hidden data. Document properties contain user and system names associated with the document as well as revision history and other metadata. This information often goes overlooked as it’s not obviously visible, and if your email security solution doesn’t sanitize hidden data from your documents before sending them in an email, you’re simply handing this data over. The exposure of hidden data can also place your organization in breach of regulatory compliance laws.
Visuals for Faster Communication
Let’s face it. Sometimes it’s easier to send an image than type out a long-winded email. Screenshots and images (JPEG, BMP, GIF PNG, and TIFF) have paved the way to show rather than tell someone something through an email. Every day, colleagues send images back and forth to quickly explain or share a lot of information without the hassle of typing. However, if your image possesses sensitive information not intended for the recipient, you may have a self-imposed data breach.
Sadly, screenshots and images are not the only way to accidentally share sensitive data. PDFs — including scanned documents converted to PDFs — are documents often used in email correspondence. Imagine a 20-page PDF where one account number is buried within. The account number cannot be shared but could easily be missed, ending up in the hands of those not cleared to have that information.
Data Redaction and Automatic Sanitization
What can organizations do to save time but not release hidden data within documents and images? Is there a way to remove hidden data automatically rather than relying on everyone to remember to remove it?
These are important questions when reviewing your email security solution. You need to make sure your current solution can sanitize and redact hidden data within emailed documents – including images and PDFs.
Adaptive Redaction technology found in the Clearswift Secure Email Gateway is specifically designed to automatically remove, delete, or sanitize files based on rules set by the organization. The documents are then reconstructed to allow them to continue in transit minus the hidden data. This process keeps productivity going as it doesn’t simply stop and block the email with the attachment, which slows down the flow of work as emails are halted, files need to be adjusted manually, and then the email needs to be resent.
Through Optical Character Recognition (OCR), the process of detecting and extracting text from an image file, an image embedded within an electronic document, or a scan of a document, sensitive data can automatically be redacted and remove the potential data breach. OCR is not a feature common to many other email security solutions, including Microsoft 365.
These Clearswift features can help remove the risk of potential data breaches and does so automatically, centrally, without user involvement, and without impinging on organizational processes.