A word to the wise, remove metadata from your Word documents. It’s really easy to forget, but man, can it be embarrassing (and that’s the best-case scenario)!
Check out this example published in The Guardian, in the UK, where the sender forgot to remove the track changes in a Word document they submitted to the newspaper:
Most people go about their business every day in blissful ignorance of the fact that the Word documents they’re working on are also working away creating hidden metadata. This metadata might include document properties, redacted or deleted text, or notes made during a review cycle – as in the aforementioned example. All this metadata can be completely confidential and shared completely inadvertently with other people.
The problem isn’t that metadata is added to a Word document, it can be useful for indexing and document management. The problem is that metadata can be difficult to fully identify and remove manually from the Word documents you share. For example, adding comments and using track changes is helpful when you’re working on a document, but if a change isn’t accepted, it remains in the document, even though you may no longer be able to see it.
The cost of not removing metadata from Word
It’s best practice to remove metadata from Word documents before they’re shared, but doing this manually is completely impractical. When you need to work on documents with people outside your organization, or to send information to others by sharing attachments, removing metadata from Word documents is probably the last thing on your mind – even if the content is sensitive. You might be under time-pressure, you might just be sending a quick email, but not removing the metadata from Word documents before you share them could come back and bite you – and that sucks.
Seriously though, omitting to remove metadata from Word documents could expose you, your colleagues or your company to serious risk. As a minimum, if critical metadata leaks it could lead to loss of confidence, clients or to disciplinary action. At worst, it could create serious reputational damage and even legal suits, especially if personally identifiable information is involved. With the advent of the GDPR, the fines associated with this kind of data leak could have disastrous consequences for firms.
The simple way to remove metadata from Word documents? Let automation take care of it!
So, what’s the best way to ensure the Word documents you share outside your organization don’t carry sensitive or confidential metadata?
Firstly, you need to be mindful that metadata almost certainly exists in every Word document you’re sending. Just because you can’t see it doesn’t mean it’s not there. Once you’re cognisant of that fact you can move on with removal.
Secondly, you need to be aware of all the methods you use to share Word documents. Not just your desktop email client, but your mobile device and any file sharing methods you use to share outside of the office. They must be sanctioned by IT and fall under your firm’s compliance policy, otherwise it’s just cheating.
If you follow these steps then you can get a relatively inexpensive, but comprehensive metadata cleaning tool that protects the files you share - and you’re covered.
An automated solution will apply your company’s security policies, spot sensitive content and then remove metadata from Word documents. The solution should also be integrated with Outlook and your Exchange email Server to apply protection across your desktop, mobile or online sharing platforms. All this takes place without the need for any manual intervention, which basically means you can’t forget to remove the metadata from your Word documents, because the system will do it for you, without slowing you down.
Give Workshare a call if you’d like to talk more about this – we love a good metadata removal chat!