I was reading a tidbit on the Sophos site regarding the pitfalls associated with sending unencrypted documents as email attachments.
It seems that about 2 years back a person with one Plymouth University sent a spreadsheet containing salaries and other compensation for about 250 senior staffers to an incorrect email address.
The error was reported to the appropriate authorities in Great Britain and it was reported that the document had been deleted by the recipient.
Then last week said document was sent by an anonymous source to a local newspaper with all information intact.
The university's solicitor engaged the newspaper regarding the subject telling them that it is clear from the content that said information should have been sent to the newspaper and requested immediate deletion with written confirmation of that deletion ... and so forth and so on.
The apparent automagic recurrence of this document which was deleted at the "original" disclosure point leads us down that sticky trail indigeneous to cloud users everywhere:
1. Nosy staffers going through your stuff
2. The persistence of backups
This security hole could have been plugged with the presence of encrypted content and a key shared separately from the document.
In our haste towards efficiency hitting the "send" button can sometimes be our downfall. When you entrust an outsource with your business you assume your business will be handled with a certain level of trustworthiness and confidentiality.
HOWEVER, this does not carry over to the destination and their staff. Backups sometimes linger for decades. People come and go. Just how trusting are you? I am so glad that I was raised to handle my own affairs unlike so many businesses elsewhere who rely on the staffing of others to compensate for their own inability to manage their own data systems.