The creation of computer systems, networks of computers, and associated software that allow automated assistance in document development has by its very nature reduced the rigor of document security as it was applied in previous paper document/information control systems. Computer systems, document development software, and the capability to store huge numbers of documents on portable media devices encourages the proliferation of, and access to, sensitive or classified documents as well as the proliferation and the storage of outdated or otherwise unnecessary drafts and versions of sensitive and classified documents on computer networks thereby increasing security risks to the protection of the information contained in electronic documents.
Other basic flaws exist in document marking and classification systems as applied to computer automated information systems that process classified and/or sensitive information. Generally, no positive marking or other positive identification exists for documents that do not contain sensitive or classified information and require no markings. The potential and often inadvertent consequences of the lack of positive feedback to users of document development software are assumptions by system users that the information in unmarked documents has been considered via a document sensitivity/classification determination process when in fact it may not have been through any such process. Electronic documents on sensitive or classified computer systems, and their corresponding printed versions, that do not display classification marks in the body of the document may in fact contain classified or sensitive information and exist without marks due to user error, or as draft documents prematurely saved or disseminated. Such errors and assumptions may lead to system users mishandling or compromising unmarked sensitive or classified information by mistakenly moving the information off of the protected network or providing access to the information contained in the document to individuals not authorized to access the information. Under current systems a user receiving or accessing an electronic document that is not marked is unable to make a positive determination that the documents sensitivity/classification has been considered and thus that the requirement for no visible sensitivity or classification marks in the body of the document has been properly determined by the originator of the document. The recipients document may well be in draft mode or just a mistake, but without a positive and persistent indicator of the status of the document's sensitivity/classification the recipient may mishandle or compromise the information.
Recent advances in information/document development software, computer networks that allow for broad and rapid dissemination of documents as well as removable electronic storage media capable of accumulating hundreds of thousands of documents magnifies the security risk of miss-marked or improperly controlled sensitive or classified information. The current state of developing, processing and disseminating sensitive and/or classified information for stand-alone computers as well as networked computers is piecemeal, relying on disparate, paper based operating and format instructions, manual marking and poorly informed originating assessments that subject documents to marking errors, poor document control, as well as possible invalid assumptions when documents contain no sensitivity/classification marks.
Computer document development software makes it easy for users of systems to remove, or otherwise alter, manually applied sensitivity or classification marks from a document. The potential to remove or alter document marks without detection and print or copy the documents creates additional vulnerabilities to the information contained therein and contributes to the threat posed by authorized users of a computer network (insider threat).
Compounding these systemic flaws, there currently is little positive control and tracking over the access to and the movement of such information on computer networks. As a result, Government and businesses are grappling with intentional insider threats to sensitive and classified information on their systems, as well as inadvertent disclosures from their systems that compromise protected critical information.
In order for electronic document security to be effective the identification and marking of sensitive and classified information contained in documents on computer systems and networks must be an individual assessment process by the originator of the information/document; an assessment process that is closely guided by immediately available classification and format criteria of the organization with centralized control and tracking of the documents by the organization. The document marks must be immediate and persistent with mechanisms to identify changes and or removal of the classification marks, it and must provide for a positive determination that documents that are not required to display a sensitivity/classification mark have completed the organization's classification process. Additionally, effective electronic document security will provide methods to identify and resolve anomalies involving document marking, electronic storage, movement, access and dissemination of documents.
Any software firm that produces word processing, e-mail, presentation or other document development systems needs to make their product line more effective in sensitive and classified information environments.
Needs exist for new methods of classifying controlling and protecting electronic documents.