The term “sensitive document” refers to information that an organisation would not want anyone who is not authorized to view. These documents could be damaging to the business if they were leaked to rivals, or detrimental to individuals if released to the general public. The information could range from a company’s pre-release earnings statements ending in the hands of a competitor to confidential research and development documents being released to the wrong individuals.
It’s not easy to identify sensitive data in your organization. In addition to having higher security standards, this information is often required to be stored in accordance with regulations such as GDPR (General Data Protection Regulation). Your business receives personal information in a variety forms: from employees working remotely credit card companies, other financial institutions, call centers and customer service agencies, and contractors. You should keep a list of all your files, folders and mobile devices, as well as laptops and home computers to ensure that you know what information is stored in your company.
It’s important to be aware that the files you create can contain hidden meta-data that can expose confidential information. This includes the use of geo tagging, track changes on photographs, and embedded information in modern file formats. It is a good idea to scrub all of your files and get rid of this hidden data prior to making them public. This will prevent anyone who is not authorized from accessing sensitive information by making the data appear to be from a trusted source.