Scary news today about a security breach by a contractor handling sensitive information for a client.
The SAIC employee’s car, a 2003 Honda Civic, was parked in a garage that housed many luxury cars, “yet the thief or thieves, who went to great effort to avoid security, did not break into any of the luxury cars in the garage, targeting instead the relatively inexpensive car containing the confidential data.”
Industrial espionage is a real threat, and proposal teams are in the cross hairs because they handle time-sensitve and critical mission-sensitive information every day. Don’t get casual about the confidential nature of your information.
These incidents should be used by proposal managers to tune up everyone’s awareness of the importance of security for all your proposal information.
Have a brainstorming session to discuss what might be a security breach for your group, and talk about how to tighten it up a bit.
Here’s a few ideas to consider:
1) Back in the dark ages, proposal teams had to create their own backups and decide how and where to store them. Today, you can count on your IT department automatically doing this for you. However you should ask about your backup procedure. In one firm, I discovered that the IT department had the members of the proposal team on a lower priority backup schedule. Once a week is not nearly often enough for a proposal team.
Since the team wasn’t considered executive staff, their computers weren’t flagged as being more mission critical than the Marketing VP. I’m prejudice, but everyone handling a proposal due in 30 days, for serious money, are more critical than someone handling the color of the new logo.
2) Laptops. How do you manage these?
What is your property policy? How and where can they be used? Does everyone know how to distinguish a secure internet connection from an insecure internet connection? Invite IT in for a brown bag session, and buy their lunch to show you how to stay safe on-line.
3) Fax machines. I hate ‘em because they are almost completely insecure. A seven year old can set up an intercept on a fax machine undetected. If you must use one, make sure it is the busiest machine you can find, so someone would have to pull out your information from all the minuetae being transmitted. Better yet, don’t use them. I only use them for lunch orders.
4) Print shop. Most of the current printers keep a file of every page copied in memory. When I use an outside print shop, I bring some work and sit there during production. Any misprints I take with me for destruction, rather than let them sit in their trash bins. When we are finished, I stand next to the operator and watch as they delete all our files.
Check your own copy machines and printers and ask IT to help you create a procedure to purge the memory on them if they don’t automatically delete. My printer deletes only when it shuts down, but not otherwise, so during proposal production, it gets rebooted everyday.
5) Email lists. Some of us use emails lists to communicate during proposals. Have you checked these lists lately? Sometimes we fail to notice that someone has left the company, or is no longer in the same department and in a “need to know” status. Clean up your lists, or better yet, make it a policy to delete mailing lists after each proposal and recreate at proposal start.
One of my proposal team members was responsible for the daily backup to tape (I’m REALLY old!) and we talked about the safest place to keep the backup tape. My policy was that the most recent tape had to leave the building each night. He jiggered a cassette tape from a local band, so his backup tape would travel with him undetected. The two greatest talents of proposal professionals are that we are all ingenious and fun. Use it!
Follow your data and you’ll come up with more potential leaks you can address before a problem arises. Stay Safe out there!