Could sensitive information be leaving your business through something as simple as an email attachment? Are rivals, hackers, thieves or the simply nosy getting access to business plans or customer data just by posting a request on social media? Don’t think it can’t happen - highly-respected scientists are already pirating intellectual property around the world in this way. Sharing data could be next.
Here’s how it works. Scientific research is an important resource for two key parties - scientists working on specific problems who need to be aware of advances that have been made and the publishers who put those findings out behind paywalls. Many in the scientific community argue that knowledge should be shared freely, but the process of peer review, validation, checking and editing has to be paid for somehow.
Hence, the subscription model which currently controls how most academic scientists get their research published. Their funding often relies on having papers accepted by reputable publications, which is why there is general acceptance of output being managed this way.
But when it comes to accessing and reading papers, social media and digital channels are prising open those paywalls. As reported recently by the BBC, a quick tweet using the hashtag #IcanhazPDF will usually see a fellow scientist who has already paid for the paper sharing it via email. Delete the original tweet and nobody is any the wiser, since few publisher track their IP in this way.
So could the same approach be used to snag data? Criminals already use social media to phish for log-in details. A more direct request could easily pay off - #Icanhazesalesforecast or #Icanhazcustomerlist might generate a response. It costs nothing to ask...
Stopping leaks of this sort is not easy, but it is necessary. The first step to take is building a culture which understands just how valuable information really is, whether it is the contents of a database or a spreadsheet of pricing formulae. Pre-internet business executives tend to have a clearer sense of why information is proprietary, since sharing it used to be difficult. Digital natives have grown up with a culture that “information wants to be free”. Combine that with their first-twitch response of using social media and the safety of information is clearly at risk.
In the financial services sector where highly-sensitive information is a critical asset and where regulatory oversight is intense, moves are afoot to tighten up the role played by social media. A Social Media Charter for financial services is being developed, while a financial technology platform has already been built in close collaboration with the Financial Conduct Authority. Such solutions seem likely to spread as organisations in every sector look at how to ensure their culture is better boxed-up against the porous effect of social media.
A second step is to implement methods of tracking how intellectual property, whether in the form of a PDF or a data set, is being distributed and used. Commercial data owners understand the value of placing seeds into their data (although not enough realise that best practice would be to use a third-party solution, rather than relying on in-house friends and families). One response to the crisis in charity data sharing seems likely to be a data tracking system. The music industry now follows every stream and download, for example, to ensure revenue is being collected and distributed appropriately.
Expect more organisations to monitor their data assets this closely in the future - and to keep a close eye on social media for requests to “haz data”.