Archive for March, 2012

Is Confidential Data Leaking from your Organization?

Wednesday, March 14th, 2012

Every company has internal documents that are for internal-use-only – reports, memos, procedures, letters, vendor lists, etc.

Often these documents are posted and stored on a company’s internal web site (intranet) or on a public cloud-based service like Google Docs or a Sharepoint service where the documents are not shared publicly but require a login or other permissions to access.

Other times the documents are emailed to all or select employees.

But what happens if due to an accidental configuration change your content becomes publicly accessible? Or if an employee posts an internal document on a discussion board or web site.

 

How would you find out as quickly as possible? How can you possibly search the entire Internet for data leakage from your company?

Well one easy and free way is to take advantage of Google’s search alerts.  Google constantly scours the Internet looking for new content.  From Google’s own description of this service:

Google Alerts are emails sent to you when Google finds new results — such as web pages, newspaper articles, or blogs — that match your search term. You can use Google Alerts to monitor anything on the Web. For example, people use Google Alerts to:

  • find out what is being said about their company or product.
  • monitor a developing news story.
  • keep up to date on a competitor or industry.
  • get the latest news on a celebrity or sports team.
  • find out what’s being said about themselves.

Here’s how it works:

  1. You enter a query that you’re interested in.
  2. Google Alerts checks regularly to see if there are new results for your query.
  3. If there are new results, Google Alerts sends them to you in an email.

 

So one way to monitor for leaked documents is to set up Google alerts for your company name, and for key personnel within your company.  You’ll likely want to put the search terms in quotations otherwise you’ll get a lot of unrelated alerts.

If your documents typically contain a specific footer or header, you can also create a search alert that looks for a specific phrase that appears on each of your internal documents.  Example  “Internal-use for ABC Company Staff only” (if this actually appears on all your internal documents).

You can configure these alerts to be emailed to you right away or in daily batches.

Unfortunately, if you do receive an alert that indicates an internal document has been posted online somewhere – this also means the damage has already been done.  You could try to get the document removed, but if Google has indexed the page or content, it will also remain in their cache for a period of time even after/if you are able to delete the content.

However with the knowledge of what information has leaked out to the public, you can now take appropriate steps to mitigate the situation or do damage control.

 

Nathalie Vaiser, MCP, MCTS, C|EH