Lessons from TSA’s redaction debacle
December 28, 2009 by Sam NarisiPosted in: In this week's e-newsletter, Latest News & Views, Security
When Transportation Security Administration officials recently posted a manual online, they thought they’d hidden secrets about airport security well. Turns out whoever did the posting could use a lesson in redaction.
The document was posted to a public site as part of a contract bidding process. Info about passenger screening, checking for weapons and other confidential security-related items were supposed to be removed. But rather than actually remove the text, TSA just covered it with black boxes.
Computer savvy folks were able to read the manual and its security process details, Computerworld reports.
The TSA’s mistakes offer up a grim reminder to anyone who isn’t well versed in the complexities of electronic document redaction, the art – and science – of blacking out information that should not be seen.
A big problem with redaction: Few folks understand how it works.
If you’re redacting hard copy, you can take a permanent, black magic marker and cover the data or text with bold strokes. Not on digital text.
The text may not be viewable, but it can be indexed, which makes it searchable and simple to retrieve by copying and pasting blacked-out portions to another document.
•Also, the metadata that’s embedded in documents isn’t disturbed by blacking out text. It’s still in the document and can be retrieved.
The key to redacting information so that it can’t be unearthed? Remember these rules:
- Never use word processing for redaction. Even Adobe’s Professional Edition might not be safe. Keep document creation and redaction separate, and
- Use strong, automated redaction tools that not only search and eradicate text but also its metadata.
DocuCrunch.com delivers the latest IT and Imaging news once a week to the inboxes of over 200,000 IT and Imaging professionals.
Click here to sign up and start your FREE subscription to DocuCrunch!
Loading ...
January 4th, 2010 at 9:11 pm
Organizations seeking fast, reliable and proven redaction software to securely remove sensitive information should visit http://www.rapidredact.com
RapidRedact is a redaction tool which offers the power and flexibility that organizations need to ensure that redaction projects are finished on time and with complete confidence that redacted information is permanently removed.