In one of my former lives, I was both a White Hat hacker and an Information Systems Security Manager. I lived and breathed Information Security (INFOSEC) my entire government career. I sweet talked, cajoled and sometimes beat my head against the wall, trying to teach folks how to stay secure in the electronic world. Especially as it pertains to E-Mail. At one time or another, we've all wished there was an "unsend" button on the damn computer.
As an ISSM, one of my biggest fears were data spills. A data spill is when someone inadvertently sends information across the wire to another person or persons who have no business or reason to have that information. Trying to "recall" that information after it's been transmitted in nothing but an effort in futility. Attempts are made to have people ignore and delete the message, but in reality there's no way to ensure that happens. One must rely on the ethics and integrity of the recipients. In most cases, I'd say Good Luck with that.
I was sitting at home the other evening when my Blackberry buzzed. I looked at the clock and wondered, who in their right mind would be sending me email at this time of night? Curious, I fired up the email client and discovered I'd been forwarded correspondence from a company that specializes in senior level executive search and assessments. Well this was certainly interesting. There was also an Excel spreadsheet attachment.
Still curious, I expanded the email trail and upon further reading determined that what had come across my inbox was business confidential, rather sensitive and had somehow, mistakenly, been routed to me. Of course the disclaimer "This email may contain confidential information. If you are not the intended recipient, you should notify the sender & delete the email & any attachments." was a dead giveaway too.
I started data mining. In less than fifteen minutes and a handful of keystrokes on a couple of professional websites, I discovered who was who. Interesting. One CEO, one VP, a Managing Partner and one Managing Director.
Never one to pass up a "learning moment" such as this (as well as being the sardonic smart ass that I am), I hit the "reply" button and began to compose my response to the sender.
Upon establishing my bona fides, I advised them their email had most likely been misrouted and quickly summarized what I'd discovered about all of the other addressees; who they were, who they worked for, where they were located and what their positions were.
I closed by assuring them, their confidential documents had not/would not be compromised, had been deleted and asking they take my reply in the humorous vein with which it was intended. Then I sat back.
It didn't take long. A few minutes later the reply arrived. I would have given almost anything to see the look of abject horror on their face and the frantic muttering of "Nonononononono!!!...Please, please, please tell me I didn't really do this...oh crap, oh crap, oh crap!!" as they called up their sent mail file. After all, it's not like I haven't seen or heard it before.
The reply was very nice and the sender appreciative. As they say...All's well that ends well. The email was deleted, never to be opened or compromised and if I'm not mistaken, I heard a huge sigh of relief emanating from up North someplace.
"UNSEND." Now that's a button that could make BILLIONS!
No comments:
Post a Comment