Dear Visitor,

Our system has found that you are using an ad-blocking browser add-on.

We just wanted to let you know that our site content is, of course, available to you absolutely free of charge.

Our ads are the only way we have to be able to bring you the latest high-quality content, which is written by professional journalists, with the help of editors, graphic designers, and our site production and I.T. staff, as well as many other talented people who work around the clock for this site.

So, we ask you to add this site to your Ad Blocker’s "white list" or to simply disable your Ad Blocker while visiting this site.

Continue on this site freely
You are here: Home / CIO Issues / WikiLeaks Shows Data Control Is Vital
WikiLeaks Saga Underscores Need for Data Controls
WikiLeaks Saga Underscores Need for Data Controls
By Adam Dickter / CRM Daily Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
As the furor over thousands of U.S. diplomatic cables intercepted and spread to news organizations by WikiLeaks continues, the corporate IT world is surely looking inward for lessons to be learned.

The site was accessible again on Tuesday, reportedly going through a rented server in the U.S. after it came under apparent attack from hackers who blocked it in the U.S. and Europe.

'Attack on International Community'

Former President George W. Bush and Secretary of State Hillary Clinton weighed in on the fallout Monday.

In a webcast discussion with Facebook founder and CEO Mark Zuckerberg, Bush said "leaks are very damaging, and people who leak ought to be prosecuted." And Clinton said the disclosure of documents by WikiLeaks, founded by Julian Assange in 2006 and owned by the Sunshine Press, "is not just an attack on America's foreign-policy interests [but] an attack on the international community -- the alliances and partnerships, the conversations and negotiations, that safeguard global security and advance economic prosperity," according to USA Today.

The Obama administration has ordered a review of all government communication procedures and vowed to prosecute anyone who leaks classified information.

But what can private IT teams do to safeguard their internally classified information from some future corporate WikiLeaks?

Not much, according to Alan Paller, director of research at the SANS Institute, a cybersecurity school in Bethesda, Md.

"You cannot simply say 'Don't trust the users,'" Paller said. "I suppose the best advice is that data-leakage and data-transfer monitoring is worth the money -- much like a security camera -- to raise the chance that a thief could get caught."

Guard Your PDFs

Charles King, principal analyst of Pund-It, said the real lesson of WikiLeaks, which exposed thousands of documents on the wars in Iran and Afghanistan last summer in the biggest security breach in U.S. history before this month's diplomatic cable release, is that e-mails, instant messages, and portable document format (PDF) files "are just as real, have a potentially longer shelf life, and are vastly more portable than real, physical documents."

King noted that this lesson was learned the hard way by major corporations in recent years. For example, in the late 1990s, the Department of Justice used internal e-mails and memos from Microsoft in its antitrust suit against the software giant to show that the company tried to knock browser rival Netscape out of business, despite claims to the contrary by CEO Bill Gates.

"More recently, in Oracle's suit against [software rival] SAP, [Oracle CEO] Larry Ellison testified that 'I did not write down what I thought was a worst-case scenario,' suggesting that he recognizes the gravity of committing ideas to digital text," King recalled.

"I hope that companies are taking to heart the experience of the U.S. government," he added. "But the problem is that the only effective way to secure business data is to institute often complex and expensive cross-company solutions." Even if they do, King said, it's up to individual employees to use the solutions properly. "For many or even most companies, that's a big, potentially risky bet."

Tell Us What You Think


Like Us on FacebookFollow Us on Twitter

Over the past decade, hospitals have been busy upgrading their systems from paper to electronic health records. Unfortunately, spending so much on EHR may have left insufficient funds for security.
The British government officially blamed Russia for waging the so-called NotPetya cyberattack that infected computers across Ukraine before spreading to systems in the U.S. and beyond.
© Copyright 2018 NewsFactor Network. All rights reserved. Member of Accuserve Ad Network.