The recent leaks of secret documents posted on Wikileaks got me thinking about what types of information should be secret. Since World War II, the US government has been classifying more and more documents secret or top secret. During the 1990s there was an effort to declassify older documents and to discriminate more about what should be classified as secret.
Businesses go through the same process by putting “Company Confidential” or “Do Not Use Outside of XXX” on documents. Some of this is warranted, but much of it isn’t. If I make a sales presentation to a customer using PowerPoint, I shouldn’t put “Company Confidential” on the slides. If I’m presenting a specific sales proposal to a customer, then it may be warranted.
By classifying something as secret or confidential, you are assuming that if this information got into the hands of competitors, customers, or the public, it would cause you or your company problems. They might be legal problems, like insider trading, or it may just let your competitor undercut your price. By marking everything secret or confidential, it eliminates the need to do it at all. Everything then becomes a secret, so in effect, nothing is.
This sounds like a line from the movie “The Incredibles”. Syndrome, the bad guy, says, “I will sell my inventions to everyone, so everyone can become a Super. Because if everyone is super, then no one is.”
Part of the process of good data governance is to define what is and what isn’t confidential information. You probably won’t believe this, but most of your business information is not confidential. Most emails going back and forth inside your company are not critical or secret. The ones that are should be treated with care. The same goes for data and documents. Your 5-year strategic business plan is something that should be confidential. A draft of your latest marketing piece is not that critical. The database that has your customer’s credit cards in it, should be heavily guarded.
In today’s world, most of us are overcautious about some things and don’t pay enough attention to others when it comes to confidentiality. Many people think nothing of posting any picture on Facebook, but stamp “Company Confidential” on a memo announcing the time of a meeting. It is possible that the time of your meeting is confidential, if you are the President of the United States, but for most of us, it’s no big deal.
In general, I think it’s a better way to do business if you are less secretive about things and more transparent. By giving incite into the workings of your business, you let customers feel more connected to you. By doing that, you build more trust. It makes you seem more human rather than some big, uncaring entity. I am not suggesting you let everyone peer over your shoulder when you do your payroll, but you may want to think long and hard about what is really secret. Many people think everything they do is secret and proprietary, but in the age of the internet and instant communications, it’s not.
If most of the data and documents you have are not confidential or secret, then you will have an easier time controlling those that are. If all I have to worry about is locking one door, I will lock it. If I have to worry about 100 doors, that becomes a big headache, and I might miss a few.
What is really secret in your organization?
Photo credit ConvenienceStoreGourmet