Despite the many intricate and hardened systems that are put in place to secure electronic documents and verify the accuracy of their contents, there is a gaping vulnerability in almost every system: the fax machine.
Just about anyone who has read Greek mythology (or seen the Brad Pitt movie Troy) is familiar with the story of Achilles. He was a mighty warrior who was destined to lead the Greeks against the Trojans in the battle for the abducted Helen. And to die there.
Perhaps the best-known part of the story is that his mother tried to protect him by dipping him into the river Styx in the Underworld, where all but the heel she used to hold him became invulnerable. Of course, as Murphy’s Law dictates, eventually an arrow found his heel and he died in battle anyway.
The point of the story is that no matter how carefully we plan, and no matter how much we try to protect ourselves from harm, it’s important not to overlook the simple things that may seem insignificant on the surface but may be our undoing in the end.
This is a particularly important lesson for those charged with assuring that their organization meets Section 404 and other requirements of the Sarbanes-Oxley Act. Because despite the many intricate and hardened systems that are put in place to secure electronic documents and verify the accuracy of their contents, there is a gaping vulnerability in almost every system: the fax machine.
Think about it. What types of documents are normally sent via fax rather than e-mail? Normally they are legal documents, such as contracts, letters of agreement, purchase orders, submitted RFPs, and other documents that require a signature for verification. In other words, they are key documents that affect both the financial and legal health of the organization.
Now think about where that fax machine sits. Usually, it is in a common area such as a mail room, on top of a file cabinet, or in a passageway between offices or cubicles –- somewhere that allows anyone walking by to see the contents of those important legal or financial documents. Beginning to shudder yet?
Next think about the form factor of those key corporate documents. They come in as paper. Which means they can be easily lost, misplaced, or misfiled. They can also be accidentally gathered up and thrown out with the daily newspaper or the debris from your lunchtime sandwich. Even if they are properly filed they can be difficult to access quickly if you have to endure an audit -– particularly if you are in an industry, such as mortgage brokers and insurance companies, that sends and receives a large number of faxes each month. And before they get to their intended recipients, how many sets of eyes with low security clearances will they pass in the process of getting from the machine to the right desk? Talk about a lack of internal controls!
IT's Reputation: What the Data SaysInformationWeek's IT Perception Survey seeks to quantify how IT thinks it's doing versus how the business really views IT's performance in delivering services - and, more important, powering innovation. Our results suggest IT leaders should worry less about whether they're getting enough resources and more about the relationships they have with business unit peers.
What The Business Really Thinks Of IT: 3 Hard TruthsThey say perception is reality. If so, many in-house IT departments have reason to worry. InformationWeek's IT Perception Survey seeks to quantify how IT thinks it's doing versus how the business views IT's performance in delivering services - and, more important, powering innovation. The news isn't great.
InformationWeek Must Reads Oct. 21, 2014InformationWeek's new Must Reads is a compendium of our best recent coverage of digital strategy. Learn why you should learn to embrace DevOps, how to avoid roadblocks for digital projects, what the five steps to API management are, and more.