Could WikiLeaks Get Your Secrets?
3. Have you hired a professional outside expert to try and hack the system?
4. Do you Google your employees and also check out what they are saying on Facebook and Twitter?
5. “According to a 2009 Proofpoint study of 220 leaders at American companies with over 1,000 employees, 38% employ staff to read or otherwise analyze the content of outgoing email, compared to 29% last year. Why the big increase in surveillance? 34% said their businesses had been affected by the exposure of sensitive or embarrassing information, up from 23% in 2008.” —Harvard Business Publishing's The Daily Stat
6. Does any sensitive data repose in employees’ home computers?
7. How about flash drives and laptops? My private archive is replete with horror stories of personal, business and government laptops that have been stolen or left in taxis or on airplanes. For example, here the lede from a Dan Eggen 2007 Washington Post story:
The FBI said that 160 laptop computers were lost or stolen in less than four years, including at least 10 that contained sensitive or classified information—one of which held "personal identifying information on FBI personnel," according to a report released yesterday.
8. Does your organization have any kind of directive regarding how sensitive data is to be handled? If not, why not?
Finally, Are You Safe in the Cloud?
The Mar. 3, 2011 issue of Bloomberg’s Business Week had a cover story touting the benefits of so-called Cloud Computing. According to the story, Amazon, Google and Microsoft are doing battle to win the hearts and minds of computer users to store and make available all their data in the “Cloud”—somewhere out there in dataville—so you don’t have to worry about storing your own stuff, back-up operations, dealing with endless updates, etc.