Do you ever wonder what would happen if a confidential document got into the wrong hands? Yesterday a mistake in delivering a document became a $26 billion problem for Google. R.R. Donnelley accidentally disclosed Google’s quarterly financial statements earlier than the company had intended. It caused Google’s stock price to drop 10% cutting $26 billion from its market capitalization.
Donnelley is best known as a provider of printing services, but it’s also the top SEC filing agent in the United States. Filing agents take documents and convert them for submission to the SEC in the proper format. The company also owns the filing portal EDGAR Online which is used extensively by investors, analysts and corporations.
Donnelley handles thousands of securities filings a year for corporate clients in a routine process that is invisible to most investors. Unfortunately Google and its shareholders found out just what happens when that process goes wrong. The issue was that Google’s earnings were lower than expected, but timing is everything in the earning game. Google wanted to release the statement after trading closed in the US giving investors time to digest the numbers before going into a selling frenzy.
Of course Google blamed Donnelley for the mistake and the finger pointing started. Donnelley shares dropped 5% after the Google statement and investors started asking about negligent behavior and suing someone. Most people believe it was a mistake and not a malicious act. Unfortunately for Google, the damage is the same whether it was inadvertent or not. Donnelley may also suffer financial damages since Google may have a negligence claim to recover costs it incurred from dealing with this incident.
We hear about confidential information leaking from companies all the time. A lot of the news tends to focus on hackers and cybercriminals. While this is a real threat, more often the leaks come from inside the company and many are accidental.
So how could Google prevent this from happening in the future? By using a persistent security policy that follows the document. It encrypts the document and the owner controls who can access the information inside it. When Google sent the document to Donnelley it could have restricted it to certain people inside the group that handles SEC filings. If someone sent it to the SEC early, the document would be useless since no one outside Donnelley could read it. It would look like random characters. Anyone successfully accessing the document must be given specific rights to it.
If someone who could read the document tried to copy the contents to an unencrypted one, that action would be blocked. The same would occur if someone tried to take a screen shot of it. Google and Donnelley could control who has access, what they could do and for how long. Once they decide to release it to the SEC, an authorized person could either decrypt the document or give access to the appropriate person at the SEC. That guarantees that Google is in control of its information and messaging.
Whether you are a small company or a household name, protecting your confidential information is critical to maintaining your business. One mistake could cost you a lot of money. In the case of Google, a little prevention might have saved them a few billion dollars.
Photo credit WebProNews