arrow_back_ios Stories

Story of a leak – and how to avoid it

Posted on  under#shaadow
#shaadow
Cover Image for Story of a leak – and how to avoid it

cibersecurityfiltracionesleaks

Not so long ago…

We are inside an office in the top of a building. It is the signing of a very important contract, almost all the cards are on the table in this negotiation. The CEO is finishing the details of the document before sending it to the only three people other than himself who know about this deal. It is a delicate operation and there are many companies that would benefit from knowing confidential information about it in order to present a much more competitive offer. 

The CEO is concerned. He is aware about the importance of the documents he is going to send, and every day in the news there are more cases of leaks: from new models of mobile phone to confidential documentation handled by the governments themselves. So, he decides to cover his back.

He logs on the platform of that new business his assistant told him about just a few days ago: shaadow. He creates his profile and logs in. He takes the final document and uploads it as a PDF and then creates three different marks for each of the persons to whom he is going to send the document for review and approval. After some thought, he chooses the professional e-mail address of these three people: xxxxxxxxxx@legal.dep.com (head of the legal department), yyyyyyyyyy@finance.dep.com (head of the finance department) and zzzzzzzzzzzzz@consultancy.com (an external consultant who has been working for the business so many years).

shaadow platform

He pushes the buttom and, in few seconds, it is ready for the download. Fast and easy, The CEO says to himself. The platform returns a folder with three documents, each marked and ready to be sent, which is the next thing he does.

But, a few days later, his fears were confirmed by a message from his assistant early in the morning: “Quick David, click on the link I have sent you. Someone has leaked our offer and the competition has reacted. What should we do?” “I don’t even know right now”, he says to himself. “But first of all, I’m going to find out who did this.”

He clicks on the link and sees that the image of two sheets of the document which a few days ago was only in his office, heads the news his assistant has sent him. He downloads them and transforms them into PDF and, immediately, he opens session in shaadow platform. He goes to the extraction section, uploads the document and, while the images are being processed, he wonders who is the person that filtrated one of the more important contracts of his life and what is he going to do when he finds out.

And shaadow returns a result: xxxxxxxxxx@legal.dep.com, the head of the legal department. He picks up his phone and calls back his assistant: “Hi Jaime. Summon all the top managers and heads of department for an urgency meeting. Yes, I know who has done this. With that platform you told me about. Yes, that one, shaadow. Now let’s see how the hell we solve this, because we’re going to have to do something. OK, bye.”

But now, let’s go back to reality

This could be the script behind any leak case that comes to our mind, such as the already mentioned and recognised case of Lionel Messi’s contract or those that are made in the world of entertainment (leaks of scripts, images, new updates, etc.) and that have reached such a point that there are pages and blogs dedicated only to writing about leaks related to the world of videogames.

These cases are very common but also very harmful to the business or persons that suffer them because of the costs they generate. The fact that in one click anyone can see documentation containing sensitive or personal information entails a series of costs, and not all of them have a relation with money. This is just the top of the iceberg. Internal conflicts based on the lack of trust in the employees that could lead to a toxic working environment, long investigations that question the words and actions of every employee (who is now a potential threat) or how damaging it is to the reputation and image of that organization.

Shaadow’s technology enables companies to have all these answers and to avoid the problems that could arise. It does not matter if the document is the original, an scan or an image of it, the marks that are introduced in it are permanent and allow you the identification of the person responsible for the leak.

While it is true that the scenario with which the article has been opened, the leak has already taken place. But shaadow also works like preventing tool if everyone who is involved in the process know its existence and know that it is being used. If they understand the fact that all the important documents, they handle from now on will carry invisible and lasting marks that can identify them, they are going to think twice before doing so. In other words, we have a tool that not only allows us to know, but also helps to avoid these unfortunate situations and all the effects they entail.


add_circle_outline   Other Stories

Cover Image for Entrevista con nuestra CEO: Isabel Hernández Ruiz

Isabel es CEO de shaadow, spin-off de Telefónica, startup del sector de la ciberseguidad que ofrece un servicio que evita la fuga de información confidencial de las empresas. Comparte su faceta…

#shaadow
Cover Image for Salud digital: una doble tarea pendiente

Desde hace ya algunos años, una de las industrias más castigadas por los ataques informáticos es la relacionada con el sector salud, el cual reporta aproximadamente un 41% de incidencias que ocurren a…

#shaadow