It should be obvious by now.  Whether data is stored on government systems or by a commercial company, like Target, it is at risk for being hacked.  There are several lessons here for government contractors, not the least of which is ensure any system they have that stores government information is kept as safe as possible, but there’s another one that you might have missed:    You can’t be sure that the government can make good on its promise to keep your proprietary data safe.

The government requires reams of cost or price information from you in order to obtain a government contract.  Most of that information is now transmitted electronically.  Depending on who it’s sent and where it’s stored, that data could be at high risk for exposure, potentially opening for all the world to see just what your firm’s pricing and business strategies are.  What’s a company to do, though?  It’s not like you can’t submit required information.

Two approaches, however, could mitigate your risk.  First, ask if you can submit information the old-fashioned way.  Paper can’t be hacked.  Until recently, many CO’s simply printed out what you e-mailed them anyway.  Second, if you must send sensitive information electronically, make sure it’s exactly what’s required and nothing more.  Don’t volunteer extra information and make sure what you do send is what’s actually required via regulation or statute.  Insist on ensuring that your data is being stored in a specialized, secure site accessible only by authorized contracting professionals.

The digital environment has changed and both contractors and their government counterparts need to understand this.  CO’s need to stop asking for information they really don’t need and be careful who they share that information with.  Contractors have the right to ask questions about where and how their data is stored and get satisfactory answers before anything more is transmitted.

We can’t prevent data hacks, but we can all be smarter about recognizing the risks and how they can be mitigated.