As well as their main visual details, most file formats also contain associated metadata that is used to describe other relevant information that users don’t normally need or want to see. This ‘data about data’ comes in many forms and can include information such as when the file was created, the author, file size or when it was last updated, among many other possibilities. It can also be used to locate and identify Personal Identifiable Information (PII) within the document.
The problem is, while this information can be helpful, it also poses a security risk. For example, PII embedded in metadata may change the classification of a business process and data storage from a compliance and security viewpoint.
Or alternatively, tracked-changes in a file that undergoes one or more review stages may become prejudicial in a commercial or legal context once the document has changed hands or moved to a different trust zone.
As a result, organizations need to address security vulnerabilities by removing metadata from every document they send or receive. In reducing the risk of accidental information leaks, they should focus on three key objectives:
- Eliminate potential for confusion from inaccurate data that detracts from the main visual layer.
- Remove data about who, how, when and where a file was created.
- Discard commentary or user tracking about the data contained in the body of the document.
Glasswall CDR offers proactive protection to reduce the risk of accidental information being leaked. It instantly cleans and rebuilds files to match their known good manufacturer’s specification – automatically removing potential threats. This simple approach ensures every document in your organization is safe from the risks associated with metadata, without sacrificing productivity.
In the next Glasswall use case blog, we’ll focus on malware risk removal.
