Rules? They’re more like guidelines.

“Fed Staffers Broke Rules In Release Of Minutes,” Wall Street Journal, August 30, 2013 A2. http://on.wsj.com/1duW7LO. Fed staffer emailed minutes of policy meeting a day early to a bunch of banks, investment firms and congressional staffers. Distribution list changed to exclude financial industry trade associations and bank lobbyists.

Lower-level employees often make mistakes, or don’t follow rules exactly.  Is an email to a distribution list the best practice for sensitive data? Do you have a second line of defense?  And a third? Does digital rights management offer a possible solution?

Advertisements

Leave a comment

Filed under Policy, Risk, Security

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s