Banking and Wiki Leaks – living in a more transparent society

  • Article

Wiki Leaks may be the next systemic risk banks face. At a time when we must become more collaborative and share information, are we exposing ourselves to more risks? If so, what protection do we have? In a world of flash drives and file transfers, how can we ever be secure?

Heightened security is not enough. We must formalize our approach to content management or face the consequences. The paperless office demands a structured approach. But too much structure can stifle creativity.

Collaboration revolves around projects, deploying different resources at different times. But when we join a firm we are given a single corporate identity. With this, we can potentially have access to anything at any time.

Imagine if our security credentials could have different elements – a corporate one and a project one. The project identity could simply be a code attached to our corporate identity, issued when we join a project and disabled when we leave. Suddenly our access to information can be split between the general and the specific. Our access to certain types of information becomes event driven, limiting the risks of disclosure.

Suppose the code is transaction specific. We can engage in some transactions, but not others. Each transaction could have its own security code. These codes could be automatically generated. We have now dramatically increased our security without significantly impacting our ability to collaborate.

Data can be stored in folders or sites. Access to this data can be protected by event or project driven codes. Instead of exchanging files, we exchange URLs. Audit trails can be incorporated.

Then there is the creation of data. Structured data is safer than unstructured. By automatically creating presentations and documents to an agreed standard we greatly reduce the risks of non-compliance.

None of these changes will protect us completely. But they are a quantum leap from where most of us are today. It is time to get our content management program together or face the consequences, especially if the regulators come calling.