A salesperson, a marketing rep, and a developer are sitting at a bar in Chicago. It has been a long day on the trade show floor, and they are running through the day's events, discussing what happened, clients they met, prospects to still meet, and, believe it or not, possible product changes they might need to make as a result of the discussions they had with these folks. So, you might be asking yourself, "Bob, where are you going with this?"
Where I am going with this is quite simple. I am talking about information security, which is also part of information governance—a topic I will address next month. Many businesses look at information security from the perspective of locking down devices and repositories, trying to control access, and even preventing technology use out of fear that something might happen. The truth is there are more information leaks due to human negligence and bad practices than there are from any other form, but we do not hear about it, because it happens in small bits, unlike the huge events we read and hear about in the news.
The scenario I described above happens daily, not only at conferences and trade shows but also in every restaurant and bar, near every company, and in every industry. Over the years, I have been the unwilling recipient of overheard conversations of all types where confidential information is discussed, ranging from technology to financials, to healthcare.
The truth is there are more information leaks due to human negligence and bad practices than there are from any other form.
Just imagine that you are working on a new project, and suddenly, your competition beats you to market. Guess what? They have the enhancements you were just talking about a month ago, which no one had before that! In fact, no one was even discussing those features until you were talking about them with your client over dinner in Chicago and then at the bar in the hotel with your developer while it was still fresh on your minds.
In My ViewInformation security is everyone’s responsibility. This is where businesses need to step up their game on information governance and security by including education on maintaining confidentiality levels inside and outside of the office. It is one thing to discuss business over lunch and a cocktail; it is another to discuss it in great detail. There should be guidance on what type of information is allowed to discuss in public areas and what should be done in private.
It really is amazing how much information is leaked without even realizing it is being overheard. If there is a need to capture an idea immediately, find a place that is out of range, out of site, or go back to your room. Do not hold audience in the bar, airport, or trade show floor. There's a famous saying from World War II, "Loose lips sink ships." It meant that what you say could be overheard by the enemy and used against you. In business, what you say in public could be overheard as well and could put your company at risk. Information security takes many forms, and information governance must consider many facets.