Risk
7/1/2008
11:32 AM
Keith Ferrell
Keith Ferrell
Commentary
50%
50%

Mishandling Information Overload A Security and Legal Risk

Small and midsize businesses generate digital information a furious rate -- same as bigger business (and individuals, for that matter.) What to save and what to toss -- and the consequences of either -- looms large among security, business, compliance and fiduciary concerns. A new slideshow offers some interesting and provocative takes on taking out (and keeping in) the digital trash.

Small and midsize businesses generate digital information a furious rate -- same as bigger business (and individuals, for that matter.) What to save and what to toss -- and the consequences of either -- looms large among security, business, compliance and fiduciary concerns. A new slideshow offers some interesting and provocative takes on taking out (and keeping in) the digital trash.The presentation -- "What's In Your Digital Landfill?" -- is brief, informal and, as its close shows (and you've no doubt already guessed), aimed at getting you take a look at an information management network.

Aimed, in fact, is a pretty appropriate word: the presentation comes from content management organization AIIM (Association for Image and Information Management) whose pedigree in the topic goes back to the 1940s, when it was created as the National Microfilm Association.

In the course of about four dozen slides, the Digital Landfill presentation hits both electronic information management and the security/legal issues surrounding it pretty hard. Among the statistics offered:

About 30 percent of all digital information is business-generated.

64 percent of businesses feel confident/competent in how they handle paper records -- only 34 percent feel they same about their digital records.

Only 13 percent of businesses have company-wide e-mail policies.

And so on.

As noted earlier, not a lot of deep substance here, but enough thought-provokers (and reminders of the legal vulnerabilities poor info-management can expose your business to) to make it worth the couple of minutes it takes to watch the presentation.

The sell-section at the end is brief and refreshingly soft: AIIM is hyping a new network, Information Zen devoted to information and content-management questions and discussions.

Here's a bMighty take on information management from earlier this year.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-1414
Published: 2015-02-27
Integer overflow in FreeBSD before 8.4 p24, 9.x before 9.3 p10. 10.0 before p18, and 10.1 before p6 allows remote attackers to cause a denial of service (crash) via a crafted IGMP packet, which triggers an incorrect size calculation and allocation of insufficient memory.

CVE-2015-2072
Published: 2015-02-27
Multiple cross-site scripting (XSS) vulnerabilities in SAP HANA 73 (1.00.73.00.389160) and HANA Developer Edition 80 (1.00.80.00.391861) allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to (1) ide/core/plugins/editor/templates/trace/hanaTraceDetailService.xsjs or...

CVE-2015-2075
Published: 2015-02-27
SAP BussinessObjects Edge 4.0 allows remote attackers to delete audit events from the auditee queue via a clearData CORBA operation, aka SAP Note 2011396.

CVE-2015-2076
Published: 2015-02-27
The Auditing service in SAP BussinessObjects Edge 4.0 allows remote attackers to obtains sensitive information by reading an audit event, aka SAP Note 2011395.

CVE-2015-2101
Published: 2015-02-27
Cross-site scripting (XSS) vulnerability in the Navigate bar in the Navigate module before 6.x-1.1 and 7.x-1.x before 7.x-1.1 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Dark Reading Radio
Archived Dark Reading Radio
How can security professionals better engage with their peers, both in person and online? In this Dark Reading Radio show, we will talk to leaders at some of the security industry’s professional organizations about how security pros can get more involved – with their colleagues in the same industry, with their peers in other industries, and with the IT security community as a whole.