Recently, an email error in Northern Ireland leaked the personal details of hundreds of prison officers working in the country. A spreadsheet containing the names and dates of birth of every Northern Ireland Prison Service employee was mistakenly forwarded to a third-party contractor. Thankfully, the security-vetted contractor was immediately made aware of the mistake and instructed to delete the information that was sent.
Imagine what could have happened if, instead of sending that spreadsheet to a third-party contractor, they’d forwarded it to an unknown third party. Imagine if that unknown party had seen fit to put that spreadsheet into the hands of criminals. It wouldn’t just be a matter of some stolen corporate assets or lost revenue. Lives would literally have been on the line. The officers and their families would be at personal risk of criminals coming after them or blackmailing them.
With such high stakes, this raises the question of why the Ireland Prison Service was sending unencrypted emails and unprotected files in the first place. It may well be that they simply lost sight of an important truth – the real cost of negligent file security. It isn’t just a matter of protecting product roadmaps or trade secrets. It’s also a matter of protecting people.
Your employees. Your customers. Your friends and family.
Security Is More Than a Corporate Data Issue
It’s easy to forget that the price of a data breach or leak is often more than financial or reputational. Even a small mistake – such as incorrectly forwarding an email – can have massive, far-reaching personal impacts on people’s lives. The phishing scams unveiled earlier this year by the IRS, for example saw the financial information of countless employees stolen. The Ashley Madison leak saw countless lives ruined, in some cases even leading to suicide. And medical identity theft is an ongoing concern in healthcare.
In each case, every record is one more person who has to deal with a stolen or defrauded identity, and each record is one more life that’s potentially ruined.
If the Northern Ireland Prison Service had been using a secure file sharing tool like the Forrester-recognized WatchDox, mistakenly sharing a sensitive spreadsheet would have been a non-issue. WatchDox embeds digital rights management technology at the file level – meaning that it gives IT access to a robust set of security protections and controls that follow documents wherever they go.
A Personal Case for Secure File Sharing
With WatchDox, the contractor would lack the necessary permissions to access the records. And in the event that access was mistakenly granted, it could be rescinded immediately. Even assuming the document was accidentally shared via email, it would still be safeguarded, either through WatchDox itself or the Email Protector utility.
In short, if the Prison Service had protected its employee records with WatchDox, it wouldn’t matter who they sent the spreadsheet to. Any recipient who hadn’t specifically been granted access would be unable to do anything with the file. The details of the prison officers would be safe, and they wouldn’t have to worry about their lives or the lives of their families.
It’s easy to forget amidst discussions of mission-critical documents and secure collaboration that data breaches have real implications for real people. Effective security controls aren’t just about protecting corporate information or reducing company risk. It’s about people’s lives – about protecting real men and women from the talons of cyber-criminals.
Want to learn more about what WatchDox can do for you? Register for our upcoming webinar on Tuesday, July 19 at 11 AM EST, or download the Forrester Wave report naming us a Leader in EFSS. You can also visit the official WatchDox page or view our WatchDox product demo for further information.