So what happened?
Someone in Target's security team feel asleep at the wheel, missed the signals and cost the company hundreds of millions in compensation to the 70 million customers who had information stolen.
Moral of the story: be vigilant and put the right people in place who can uphold those values of confidentiality, integrity and availability.
You need protocols
Think of the protocols of a security company. They install an alarm, which is activated and a representative will either come out to your location or call you.
The security monitor in these organisations knows what the role is and carries it out efficiently. This is what you want from people looking after your IP: the need to understand what their roles are and clear guidelines to follow when the signal goes out.
If you have multiple documents that require protection, put in place a range of different alert administrators and default actions. If a document is shared inappropriately, you can turn off the sharing, override it and then reauthorise. You need flexibility, because the document still needs to go to the right people.
For most business owners it is difficult to see when information has been shared by or with nefarious sources, yet this is where security must be top of mind.
It is unlikely that SMEs and even larger businesses will have breaches the size of what occurred with Target, but breaches can and do occur every day. It is time to be a little more vigilant and start acting like the CIA.
Sign up for CIO Asia eNewsletters.