What are your documents hiding? cleanDocs Product Manager Assaph Mehr explains.
Just about every electronic document contains some form of metadata. Metadata often gets overlooked as a risk to data privacy, since it is hidden and not immediately obvious to the user. If metadata isn’t removed, every document sent via email or uploaded to the internet could expose sensitive or damaging information.
Every file that leaves your organization should be as secure as a piece of paper, and this requires metadata management. So, what are you managing, exactly? These are six types of dangerous metadata that could be putting you at risk of a data breach.
1. Hidden text
It might seem obvious, but this is a reminder that white text on a white background isn’t really hidden and a black highlight isn’t redaction. Clean incorrectly hidden or redacted text to keep the information secure. It’s all too easy, after all, to text search a document, or turn all text to black to expose hidden content. Minimize the risk and remove it altogether before you press send.
2. Author tracking data
This type of metadata can tell the reader who wrote the document and inadvertently expose their identity. Details about someone’s identity are classified as personal information under global data regulations like the General Data Protection Regulation (GDPR) in Europe and, if leaked, can breach their privacy.
Author tracking data needs cleaning since it can inadvertently expose someone’s identity if leaked. Failing to keep it secure could result in fines as large as 4% of global revenue.
3. Custom fields
Custom defined fields can contain especially sensitive information, like email addresses and telephone numbers. It’s critical these be removed before they end up in the wrong hands. Highly personal data like names, addresses, and financial information are the most common types of data used in cybercrimes. Additionally, clients won’t be too pleased that their data wasn’t adequately protected.
4. Embedded objects
Embedded objects, like a section of an Excel spreadsheet, can be exposed just by double-clicking. Even though the sender may think they have done due diligence by hiding cells or columns, many don’t realize just how easy it is to uncover the data.
Removing embedded objects is particularly critical for data request responses. Clean hidden objects when you send a file containing one person’s information, so you don’t inadvertently give them access to someone else’s as well.
5. Comments and Track Changes
Comments and Track Changes in a document can expose information never meant to become public. Just imagine if an internal remark ended up in the hands of opposing counsel, or a competitor. Metadata management can keep Comments and Track Changes if the document is still in the collaboration or review phase. When it is time to finalize and publish the document, simply scrub the remaining metadata on send.
6. Document properties
The names of authors, contributors, companies, and computers can reveal a person’s identity and constitute a data breach. If the shared document is based on an old template, the author details could belong to someone who left the business long ago and suggests content isn’t being updated regularly, so it’s essential to remove this metadata before sharing.
Metadata management doesn’t have to mean a significant change in the way you work, but it can ensure that damaging information is cleaned from a file before it ends up in the wrong hands. Add a solution to your email that prompts users to scrub attachments before they click Send, and you will add an extra line of defense against inadvertent breaches.
Want to learn more about metadata management and data breach prevention? Discover additional information below.