"While we were able to limit any damage, embarrassment of the CEO was unavoidable," Zahringer says. "It also cost the CEO an additional $6,000 for our services to help with the matter."
The moral: Always ensure your cloud storage is secure before uploading private documents. If your storage is in the same place where your website files live, it's safe to say other people can see it. And if your IT guy tells you otherwise, for the love of GOOG, fire him.
Stupid user trick No. 2: A whale of a fail
These days, everyone seems to be in love with social media. But while a tool like Twitter can help your company connect with clients, it can also make your company a global punchline in less time than it takes to say "A plus K."
We've seen plenty of social media disasters play out in real time, like the recent instance where an employee at British company HMV posted colorful commentary about corporate layoffs from the company's official Twitter account. For Brian, a manager at a Michigan-based IT support firm, those cases hit close to home.
In the early days of Twitter, Brian had set up an account for his company and entrusted it to an intern. Tweeting seemed like a mundane task, after all, and this eager college senior was more than up to the task of sending out a few cheery updates and responding to basic customer queries during the day.
"To be honest, I didn't think twice about it," Brian says. "Of course, this was back before Burger King and Coke and everyone else in the world was using Twitter as a CRM platform."
Brian's plan seemed to be perfect: The intern appreciated the real-world responsibility, and the Twitter presence was one fewer item crowding the staff's overflowing responsibility list.
"It was a perfect setup," Brian says, "right up until it wasn't."
The transformational moment came when Brian's intern reached the end of his semester and, thus, his internship with the company. The intern's workstation was cleared and reset -- but the company's Twitter password, as it turns out, was not.
"Evidently, the kid had been logged into our account from his personal laptop, too," Brian says. "That was my oversight."
The oversight became apparent when Brian -- who had taken over tweeting after the intern's departure -- noticed some profanity-laden updates showing up in his company's stream. He wasn't the one typing them, and it didn't take long to figure out who was.
"When I called him up, he swore up and down that his roommate had gotten onto his laptop and been the one who did it," Brian says. "Regardless, it was my company's name being dragged through the mud."
Sign up for CIO Asia eNewsletters.