Source: [id: 41018; name: CSO; isActive: true; siteId: 3] -- CSO -- $content.altguid

Search Can Be Your Enemy

Technology has made it easier to do things than to do them right

By

May 01, 2006CSO

After six years of working for CIO and CSO magazines, I think I know something about your jobs, dear readers. This month, I'm going to share a story about mine.

I've been reporting a story on the security implications of Google, which will be published in the May issue of CSO. A month or so ago, I was on the phone with Leonard Fuld, who's known for his work in competitive intelligence, about Google searches I could run to try to find juicy bits of information. Picking on a huge, U.S.-based firm that's had some financial trouble of late, Fuld suggested searching the Web for Excel spreadsheets that contained this company's name and something about "finances."

Later that day, one of several that I spent doing some amateur Google hacking (and sincerely hoping that if my company were monitoring my Web access, my boss's boss's boss would understand that yes, sir, this is research), I found a file from a small job-networking group that just didn't seem like it should be public. It had information on 300 or so executives, some of whom had worked for the company Fuld mentioned. The document didn't include their names, but it had enough information about titles and past work history that someone could figure out their names. It also included the status of their job hunting— whether they were only networking or "actively searching" for new jobs. It wasn't exactly the formula for Coke, but it didn't seem like the kind of thing that people would want made public, either. The exact search and the information it turned up made it into the story, as an example of the interesting things that a targeted Google search can reveal.

Fast forward to last week. My editor was going over the page proofs, and he wanted to know, one, whether the file was still there, and two, whether we oughtn't give the company hosting it a heads up that we were about to publish instructions on how to find it. We weren't mentioning the organization by name, mind you. But it seemed like a way of being a good corporate citizen about at least one of the disturbing files I'd uncovered during my research.

I ran the search again, found the website, and shot off a letter to its administrator. An online courtesy call. I included my phone number. You never know.

A few hours later, the phone rang. It was a friendly gent who identified himself as the founder of the firm. He'd received my e-mail and had been puzzling over it. The file, for better or worse, had been put intentionally on the public site, but he thought he'd deleted it years ago. He didn't understand how I could find it.

RESOURCE CENTER