Huffpost Technology
THE BLOG

Featuring fresh takes and real-time analysis from HuffPost's signature lineup of contributors

Moti Rafalin Headshot

Should All Our Files Self-Destruct?

Posted: Updated:
Print

By absolute necessity, consumers have gotten fairly paranoid about the ways in which they share personal information online. The first generation to grow up with Facebook learned that sharing sensitive comments and images on a public wall is a quick way to create big problems that follow you around for a long time. That's why today's teenagers have made startup superstars out of companies like Snapchat, Wickr and Hash. There is big value in a service that allows consumers to share material -- and then make that material disappear. (Or in the case of Snapchat, deceptively advertise that you make the material disappear, but you get my point).

Ephemeral content sharing shouldn't be confined to party photos that 16-year-olds want to hide from their parents. Businesses in every industry from movie making to health care are feeling the pain that comes with data leaks, and much of it goes back to their inability to make proprietary files self-destruct.

When it comes to privacy, consumer tech evolution outpaces enterprises
What do teens know that Fortune 500 business leaders don't? Plenty, especially when it comes to privacy. Digital natives don't have to adapt to an online, mobile, social world. They were born into it. Maybe Sesame Street wasn't espousing online privacy protection as we entered the 21st century, but kids born in the late ninties have learned plenty of lessons about the importance of protecting their reputations online, and which kinds of conversations and content belong on which platforms.

By contrast, businesses are still playing catch-up. The so-called mobile enterprise has learned to tolerate bring-your-own-device (BYOD) norms and collaborative apps, but too many have failed to ask or answer nuanced questions about what they can and should share, with whom, how and for how long. As soon as that file sharing link is clicked and the file gets downloaded, it will more than likely live indefinitely on that device unless the recipient bothers to delete it. In an effort to boost anytime-anywhere productivity, companies have lost the basic level of sensibility and instinct that guides a kid to know that some content is better suited for Wickr (where it will stay between you and the recipient) than for Facebook or Twitter (where it could live forever).

Consider Australian telecommunications carrier Telstra, which was recently caught in the middle of a data breach when the personal information of 15,000 of its customers ended up posted to the company's website for public viewing. The unencrypted Excel file in which all of the data was stored failed to provide Telstra with any safety net when Google's index picked up the contents of the file.

Would a consumer, even a young one, have made the same kind of risky sharing choices? Would he, for example, invite a contractor in to remodel his bathroom and as part of giving the contractor access to his home, give him the password to his home alarm and personal safe? Then act surprised if the contractor used it for personal gain? It's a ridiculous possibility to consider. And yet, this is what businesses essentially do when they open their vaults to expose their intellectual property, and then fail to implement any mechanism to protect or retract material once it leaves.

What enterprises can learn from their own best practices
Ironically, enterprise HR departments now make social media searches a basic part of their vetting processes for new employees. If an otherwise promising candidate had a lapse that lingers on Twitter or Facebook, for example, that misstep could be the difference between a new job and a no-thank-you note. However, those same companies that are unforgiving of potential hires are leaving themselves open to comparable judgment from prospects, customers, partners and investors when they fail to protect their own reputations.

Despite Snapchat's recent misteps, temporary messaging and social media services are gaining ground in consumer circles. Businesses should likewise be exploring ways not only to secure their sensitive materials, but also to share them inside and outside their organizations with time-sensitive safeguards.

Maybe a partner company needs a copy of company financial statements to close a deal, but it certainly doesn't need those statements forever. An auditioning actress needs access to a top-secret script; but she doesn't need that forever, either. Or a temporary employee needs access to intellectual property during the life of his project, but not beyond. You get the picture. In virtually every industry, companies need to share sensitive information for some period of time with parties inside and outside their own walls. After that, access should be revoked or their sharing practices could eventually come back to haunt them worse than any compromising Facebook photo could harm an individual.

Most of today's enterprise decision-makers didn't grow up with ephemeral content applications, so maybe they should get a pass for not having a natural instinct when it comes to discerning which kinds of content should be permanent and which should be temporary. However, many of them did grow up watching the self-destructing messages that Ethan Hunt, Mr. Incredible and even Inspector Gadget relied on. When it comes to how they store and share, enterprises can learn from teenagers and Hollywood heroes, even if they may need to spot the recipient of a sensitive file a bit more than five seconds before the material self destructs.

From Our Partners