Best practices for leak-free communication: highly publicized leaks of sensitive documents have brought attention to the importance of an issue that can lead to business and reputational loss as well as government penalties. Protecting sensitive organizational data--whether internal or shared--is a serious concern. But there are solution.

• Author: Rafalin, Moti
• Position: Cybersecurity

The recent leakage of sensitive emails and documents at Bank of America Corp. brought that institution much uninvited bad press and unwanted attention. A group of lawyers at another organization was recently accused of insider trading and leaking mergers and acquisitions-related information. And recall WikiLeaks, the organization responsible for leaking massive amounts of sensitive military, State department and financial documents.

These incidents demonstrate how the leaking of sensitive financial documents has become a serious problem that needs to be addressed. It can lead to not only loss of reputation or competitors understanding an organization's economic and financial structure, but can also invite penalties from the federal government for exposing personally identifiable information (PII) or violating rules of the U.S. Securities and Exchange Commission.

Financial executives are placed in roles in which they deal with some of the most sensitive and highly regulated documents on a daily basis. These could be documents sent to executives or to the board, M&A due diligence information exchanged between parties involved in a deal, reports sent to investors or limited partners, sensitive internal memos sent to employees, research reports sent to customers or trading partners.

Protecting sensitive financial documents stored inside an organization is one small piece of the puzzle. The real challenge comes when documents need to be shared externally. And that is the case with most documents.

A recent survey conducted by WatchDox, a company that provides document security, found that though many respondents indicated this issue is a top concern, the actions the decision-makers are taking to stem leaks are incomplete. Sixty-five percent of those who responded to the survey reported that they share sensitive data, and more than 50 percent said they do so regularly. That need to collaborate seemed to weigh heavily on their minds.

In other key findings, 96 percent said they are concerned or extremely concerned about data getting into the wrong hands. Additionally, one in three admitted having had at least one incident when data was leaked. Finally, 85 percent said these leaks had not occurred because of malicious intent and 83 percent ranked document and intellectual property security as very important, more so than even anti-virus and network security.

How Does It Occur?

Sensitive documents can get into the wrong hands due to many reasons. They...