Jun 152007

“Data leak” is one of the hot catch-phrases today. And it is no wonder.

Every day, almost literally, there are news stories published about companies losing personally identifiable information (PII) and other types of sensitive information. The data can leak out of a company in about as many ways as you can store or transmit information.

* Through email messages
* Intercepting wireless transmissions
* Improper disposal of printed paper
* Improper disposal of electronic storage devices
* Improper disposal and/or reuse of computing devices
* Metadata within electronic documents
* Poor access control configurations
* Lack of awareness and knowledge by users
* Malicious insiders with trusted access
* And the list goes on and on

These data leaks not only can result in costly security incidents, they can expose PII to identity theft and fraud, and can put the spotlight on an organization’s noncompliance with a wide range of laws and regulations.

I have been discussing these and related issues at my own blog site for 1 1/2 years, and will continue to do so. However, I also now look forward to engaging in information security, privacy and compliance discussions, debates and dialogues here on the Cutter blog. Thank you for inviting me to participate!


Rebecca Herold

Rebecca Herold is a Senior Consultant with the Cutter Consortium's Business Technology Strategies practice. She is an information privacy, security and compliance consultant, author and instructor.


 Leave a Reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>