When a company is getting ready to release a new product or service, it will need to train its workers on how to use, handle, and sell it. But apparently a few too many companies are forgetting an important training step: Securing it.
Training materials are often sensitive — especially when they concern upcoming product or service releases. (Remember the lost iPhone fiasco?) Anyway, Verizon is the latest company to learn, the hard way, the importance of training-material security. An anonymous tipster apparently released screenshots from training materials that were being used by an internal account management team. The screenshots included price details for a shared data (family-style) cell phone plan. The problem is, Verizon hasn’t yet announced its shared data plan (and neither has its main competitor, AT&T), but now the cat’s pretty much out of the bag.
But, in the words of our president, let’s consider this a “teachable” moment. Fact is, this is a common-enough problem, and there are a few tools your company can consider implementing to avoid this sort of gaffe.
Content Management Systems: CMS facilitates data sharing while controlling who can access what documents.
Data Loss Prevention: DLP programs watch outgoing information on a firm's network and blocks the passing of sensitive information.
Network Forensics: This method involves monitoring the network and analyzing for abnormal activity such as intrusions.
None of these methods are 100 percent foolproof, of course, particularly when it comes to role-based access, as many employees are over-entitled and change roles. And if a worker gets an idea in his head to email out your sensitive new pricing details, well, it’s hard to stop that.
So more important than any software or security features, it’s essential that you communicate to your employees the sensitivity of their training materials and the consequences that they’ll face — and the company as a whole will face — in the event of a leak.
Image used under Creative Commons by Flickr user Robert Scoble.