What are your documents hiding? cleanDocs Product Manager Assaph Mehr explains.
Document metadata is often overlooked as a privacy risk since it is hidden and quickly forgotten. However, if metadata isn’t removed, every email attachment and shared file could expose highly sensitive and potentially damaging information in the form of a data breach punishable under global regulations like the GDPR. It’s important to understand what metadata is to be able to manage it properly.
Below are six types of metadata that could be putting you at risk of a data breach.
1. Author tracking data
This metadata is the document author’s first and last name, which is classified as personal information under global data regulations like the GDPR and, if leaked, can lead to fines of up to 4% of global revenue.
2. Document properties
The names of authors, contributors, companies, and computers can reveal a person’s identity and constitute a data breach. If the shared document is based on an old template, the author details could belong to someone who left the business long ago and suggests content isn’t being updated regularly.
3. Custom defined fields
Custom defined fields can contain especially sensitive information, like email addresses and telephone numbers. Highly personal data, like names, addresses, and financial information, are the most common types of data used in cybercrimes.
4. Embedded objects
Embedded objects, like a section of an Excel spreadsheet, can be exposed just by double-clicking. Even though the sender may think they have done due diligence by hiding cells or columns, it is still very easy to uncover the data. Clean hidden objects when you send a file containing one person’s information, so you don’t inadvertently give them access to someone else’s as well.
5. Comments and Track Changes
Comments and Track Changes in a document are usually information or remarks never meant to become public. Cleaning metadata doesn’t have to involve removing all Comments and Track Changes if the document is still in the collaboration or review phase. When it is time to finalize and publish the document, simply scrub the remaining metadata on send.
6. Hidden text
White text on a white background isn’t really hidden, and a black highlight or black isn’t redaction. Incorrectly hidden or redacted text is data that needs to be removed permanently before a document is shared. It’s all too easy, after all, to text search a document, copy and paste the ‘redacted’ area, or turn all text to black to expose hidden content.
Want to learn more about metadata management and data breach prevention? Discover additional information below.