Identifying Sensitive Documents
The term “sensitive document” refers to data that an organization would not want non-authorized individuals to see. These documents could be damaging for the company should they be leaked to competitors, or damaging to individuals if they were divulged to the general public. This information could range from a company’s pre release earnings statements that end in the hands of a competitor to confidential research and development documents being shared with wrong individuals.
The identification of sensitive information within your organization is not an easy job. The information you collect must be protected according to the laws such as GDPR (General Data Protection Regulation). Your company receives personal data in many forms: from employees working remotely, credit card companies and other financial institutions, call centers and customer service organizations, as well as contractors. You should make an inventory of all your files, folders and mobile devices, as well as laptops and home computers to ensure you know what information is kept in your business.
It’s also important to take into consideration that any file you create may contain hidden metadata which could reveal sensitive information. This includes tracking changes, geo-tagging photos and embedded data in modern file formats. It is a good practice to clean all your files and eliminate this hidden data before making them available to the public. This can help prevent unauthorized individuals from gaining access to your private information by making it look as if it came from an inside source.