Smartphones with their ability to receive voice calls, instant messages, and email messages make staying connected easier than ever. Unfortunately, rampant smartphone use can also impact the confidentiality of business communications. For example, almost everyone accesses email on their cellphones which could mean that confidential data resides on an insecure device.
Sending and receiving confidential information on mobile devices is risky due to hacking concerns. Users often use unsecured Wi-Fi connections when away from their homes and offices. Unfortunately, hackers can easily break in! What's more, mobile apps often do not encrypt data before transmissions, making that data vulnerable while it's in transit.
Using free Wi-Fi at the local coffee house isn't the only threat to confidential data on a smart phone. Smartphone theft is a real and growing problem. According to Consumer Reports, over 3 million mobile phones were stolen last year. The most common cellphone theft scenario involves the owner forgetting a cellphone in a public place followed by car or home burglaries.
In addition, smart phones can also be infected by malware. In fact, Sophos reported that the Android operating system is the world's most targeted platform among hackers, not Windows. According to McAfee, mobile malware increased 33 percent in 2013.
Few users actively secure their mobile devices from computer viruses and spyware. Most mobile devices do not come with security pre-installed and many users do nothing about it. Some don't even secure their phones with a password.
Overcoming Smartphone Vulnerabilities
Businesses concerned about the confidentiality of their data often have strict mobile device security policies in place because of these and other concerns. For example, they may secure both company-issued mobile devices as well as BYOD (bring your own device) devices. They may also require the use of a virtual data room for financial documents and other sensitive files.
However, no matter how secure your company's mobile devices are and how well-written its security policy may be, you can't control how people outside your company secure and use their own phones. Thus, sending confidential files or revealing sensitive information to an investor or third party partner using email or a file-sharing app could be riskier than you realize.
Though you can't control how others secure their mobile devices, you can control how you share your data. Perhaps one of the most important first steps is to stop using email as a file sharing mechanism and move to a virtual data room. With a virtual data room, you can assign individual user permissions, require two factor authentication, and prevent users from downloading documents altogether by designating documents as "view only."
Sending sensitive data via email is far too risky both in terms of vulnerabilities while in transit as well as the potential for your data to reside on unprotected mobile devices. Don't count on others to protect your data once its in their possession; take a proactive approach by using a data room.