If consumers could talk directly to the businesses that serve them, many of them, especially the younger ones, would say: “Don’t call, don’t email, don’t leave a voicemail, and for the love of all that is holy do not send paper to me, just text me!”. And why wouldn’t businesses text their customers? Mobile messaging is fast, efficient, reliable and credible. But for all of its advantages, messaging comes with quite a few security concerns.
Let’s get this one out of the way first, not because it’s the most important concern but because, in many people’s minds, it remains the top security threat. Eavesdropping is relatively easy to solve in any communication method by applying encryption while messages are in transit. Although native SMS texting does not provide this security, Indeed, many texting apps offer excellent encryption that will make it much more difficult for spies to read messages. And while it is a relief to know that health information sent by my doctor’s office or personal financial information from my broker are well-protected, I would not be terribly concerned about the security of my chat with a customer service rep. Is anyone really interested in finding out that I’m not that happy with the headphones I purchased? If they are, they can read all about it the review I will post publicly. However, for sensitive information, it is absolutely imperative that this protection is there.
Solution: Choose a messaging solution that includes encryption in transit so that your texts are secure from eavesdropping.
Lost and Stolen Devices
Now that we’ve dealt with the spies, let’s talk about something that’s far more likely to happen: A lost device. Your customer has chosen to receive messages from you on their mobile device using SMS text. For months they have happily received your messages. They however have never deleted any of them – who does, right?- A healthy accumulation of information now resides on their device. This is the customer’s private information, sent by you to them at their request and it resides on their device that they control. Like many, however, they also have not secured their device by using passcodes or digital fingerprint, because it simply gets in their way and slows them down.
The inevitable happens – they leave the device on the bus and a plethora of their private information is now in the hands of whoever picked it up. The customer’s information has been compromised. But who’s at fault? Is the customer at fault for not deleting old messages or not locking their device? No! You are at fault for sending it to them unsecured. Why? Because the customer is always right and you are always at fault. That’s why.
Solution: Do not lose control of content just because it resides on the customer’s device. Choose a messaging platform that keeps content secure on the device and allows you to remove content remotely if a device is lost or stolen.
Some people love to keep things, and when it comes to digital items, including digital communications, there are some arguments to be made in favor of hoarding: The more you keep the more you can analyze. Indexing technologies make it easy to find what you’re looking for regardless of how high things pile up and the cost of storage is so low, there is no real economic argument against data hoarding. But here’s another fact that will not easily be contradicted: a mobile device is not the best place for long-term storage. Putting a hoard of data in your customer’s pocket increases risk from both intentional and unintentional use.
Solution: Choose a platform that allows you to make sure that messages expire and disappear from mobile devices on a regular, reasonable schedule. If long-term retention is required by law, regulation or data analysis needs, retain records in an archive that you control, tucked safely behind your firewall while removing all other copies from devices after a predetermined timeframe.
Contributor: Avi Elkoni