Document Security: Protecting Physical and Electronic Content

This text identifies common pitfalls in document security and suggests remedies to prevent its occurrence. It strives to alert an audience of managers, security professionals, and workers who come in regular contact with sensitive information. Recognition of how sensitive documents can violate the principle of confidentiality is the primary focus of the book. Chapter 1 discusses metadata in documents. Paying attention to this issue can reduce unintentional release of sensitive information. Chapter 2 explores Web-facing documents and how search engines like Google can uncover sensitive data in those documents. Chapter 3 discusses how filtering business channels, such as e-mail, instant messaging and FTP transfers, is feasible with modem technology. Chapter 4 covers the theft of digital devices such as personal data assistants (PDAs), laptops, and cellular telephones. This chapter discusses the use of global tracking technologies and encryption to protect vital information from this growing problem. In Chapter 5, the special procedures that must be used when removing sensitive data from computers is discussed along with the methods for disposal and reuse procedures. In Chapter 6, the discussion turns to the protection of paper and physical documents and how this should form the core of any document security program. Chapter 7 examines the whole issue of “slack space” on a computer and what security can do to make users aware that computers are the ultimate recording machines. Chapter 8 describes anti-forensics and how using these techniques can help to minimize what forensic examination can uncover by preventing the inadvertent passing of sensitive data on a data storage device. Chapter 9 deals with the evaluation of online information and how to recognize bogus sites, disinformation to facilitation phishing, and other scams. Chapter 10 discusses document forgeries. Lastly, the destruction of confidential documents is examined.