FORGET SOMETHING?
Security gone wrong
By Jason Karaian

These days, airports, hotels and conference centers are teeming with harried executives juggling briefcases, BlackBerry devices, laptops and other high-tech gizmos to help them stay in touch with their offices around the clock. That’s putting a lot of sensitive corporate information out in the wild, and as a number of recent incidents have shown, it’s becoming a risk management nightmare.

In March, Belgian-Dutch bancassurer Fortis released its headline annual results a week earlier than planned “in the interest of transparency”, it said, because a briefcase holding a draft of the market-sensitive press release was stolen from an unnamed company executive. The board of directors had not yet approved the figures, so the bank made no further comments on the abridged information. This irked analysts, who were left to divine the underlying causes of, on the one hand, lower-than-expected earnings and, on the other, a healthy boost to the dividend. Fortis’s shares fell 2% on the day of the announcement, sliding another 2% by the time the figures were explained in detail on the originally scheduled release date.

When it comes to protecting confidential information, it’s not only employees companies need to worry about, but also business partners and suppliers. In February, Deloitte admitted to audit client McAfee that an employee had left a CD containing information on the client’s workers in an airplane’s seat-back pocket. The same month, an Ernst & Young worker’s laptop went missing, putting sensitive information from BP, Cisco, IBM and Sun Microsystems at risk, though fortunately, the data stored on the laptop was encrypted, unlike the CD.

There are other ways companies can end up divulging confidential information. Andres Wittermann, a vice president at global PR firm Lewis, recently wrote in his online diary that flights between Munich and London were fertile ground for the unintentional collection of information on “a big Munich-based company”. In the cabin, conversations among colleagues are easily overheard by “people who just happen to sit close to them,” Wittermann notes. This isn’t the exclusive domain of international jet-setters – reporters at this magazine were once privy to a discussion on transfer pricing between businessmen poring over memos marked “confidential” on a London Underground train.

Some companies have found ways to address carelessness on the road. Last year, 3M, for example, introduced a film that obscures laptop screens for all except the person directly in front of the computer.

Yet nothing beats rock-solid security policies, as managers at Fortis, Deloitte, and E&Y hopefully now know. It’s also something that top brass at German energy group EnBW learned the hard way – in April, the company said that it was changing 150 locks at one of its nuclear power plants near Mannheim after losing the keys.