A security expert criticized the U.K. Home Office after a document outlining new terror measures was sent to opposition parties with amendments and deletions still within the document's hidden metadata.
The leak exposed that the Home Secretary Charles Clarke had doubts over whether police should have powers to detain suspected terrorists for up to three months. These doubts were deleted in the final draft of the letter, but were still in the document's hidden data which keeps track of file changes. Joe Fantuzzi, CEO of document security company Workshare said the blunder highlighted the lack of awareness governments have over hidden document information.
"The public sector still does not appear to have got the message that while email is undoubtedly an excellent medium for communicating with documents, it opens up huge exposure to security and control issues," said Fantuzzi.
He added that his company's research had found that 90 percent of organizations have no idea that confidential information was being leaked. He also said it was a common misconception that putting a document into a PDF would solve these problems. Fantuzzi said 75 percent of business documents contained sensitive information most people would not want exposed.
"The only way to stop this plague of document leaks is to govern with a transparent but centralized document security policy. It's time to eradicate this plague of insecure documents," said Fantuzzi.