How to Respond to a Document Leak

A document leak is a serious breach that has the potential to disrupt your business. It’s important to understand how to respond in order to minimize the impact and limit damage.

The first step is to contain the leak. This means identifying where and how the information surfaced, limiting access to sensitive systems or inboxes and monitoring ongoing activity (for instance, requests for takedowns or notifications of new information).

It’s also essential to preserve any evidence that may be relevant. This includes suspending the normal deletion cycles across email servers, cloud platforms and document repositories in order to preserve copies of leaked documents.

Once the leak is contained, the investigation can begin. Identifying who is involved in the incident will help determine how to mitigate it. For example, in the case of Boeing’s 2017 data leak, a company employee emailed a spreadsheet to his wife (a non-employee) on an unsecured device. The spreadsheet included personal data (such as employee IDs, places of birth and social security numbers) of 36,000 Boeing employees in hidden columns. The company eventually offered two years of free credit monitoring to all affected employees.

The leak of alleged US intelligence documents has highlighted the importance of ensuring that staff members are trusted stewards of confidential information. Although this is a requirement of all personnel granted security clearance, incidents can still occur. The most damaging of these is when sensitive information gets into the wrong hands and a leak happens.