A Simple Step to Thwart Betrayal
added: 07.02.2013, by Mike Spinney
The most damaging data breaches result from violations of trust.
In that brief sentence I have conveyed a vital nugget of common sense that you would do well to remember. Whether you are concerned with safeguarding your company’s valuable intellectual property, or keeping a lid on personal or family secrets, you know that your efforts become more challenging as more people are given access to your confidential information. Worse, the more trust you’ve invested in someone, the greater the damage that person can do.
That is why, no matter how interesting and intriguing the world of cybersecurity may be, it is the trusted insider that keeps the savvy security officer up at night.
History is replete with the names of individuals made infamous by turning traitor. Some cases are so well known (Judas Iscariot, Benedict Arnold. Vidkun Quisling) that the turncoats’ own names are synonymous with betrayal. There are cases of corporate espionage in which trusted insiders used their positions to effect great damage to their associated brands.
Of course, when it comes to family business, Michael Corleone said it best: “Keep your friends close, but your enemies closer.”
Sometimes there’s nothing you can do to prevent a trusted associate from violating a confidence. The Prophet Jeremiah famously wrote that “the heart is deceitful above all things, and desperately wicked: who can know it?” But even if you take the more optimistic view of Alexander Pope that, “to err is human,” it still requires that we take preventative measures in order to minimize the risks associated with sharing information with others.
Consider the advice of wistleblower Edward Snowden who, in his recent online Q&A with the Guardian’s Glenn Greenwald, said in response to a reader’s question related to protecting email, “Encryption works.”
Often protecting sensitive information is a simple matter of doing something – anything – to either make it difficult for someone to decide to commit a violation of trust or to guard against an accidental disclosure.