Thought for the day: Sending the right message

The use of SMS within businesses is increasing, firms have to be aware of the security risk, says Sarah Carter.

New Asset  

The use of SMS within businesses is increasing and firms need to be aware of the security risks, says Sarah Carter.





After the BBC reported that a text message stalker is jailed for five months, I wonder how long it will be until we see organisations being held responsible for the way employees use their company-owned mobile phones.

Text messaging is no longer just the pastime of teenagers; a poll carried out by the Mobile Data Association at the SMS 2002 conference in November showed that 60% of business used text messaging on a daily basis.

Just like any other part of an organisation's communication system such as telephones, web access or e-mail, mobile phones and their messaging functionality must be included as part of a company's overall corporate governance stance.

As such, there are several problems relating to the use of company-owned mobile phones that organisations need to consider. These range from general abuse of text messaging causing increased call charges and the potential for offensive or racist text messages to be sent, to inadequate security to protect confidential messages.

Since the introduction of tighter e-mail usage policies within UK organisations, there has been a noticeable upsurge in SMS usage among business users.

I believe that in a bid to beat the prying eyes of conventional internet security content scanners, many employees are now sending jokes and personal messages to friends and colleagues via mobile phones.

The danger of casual SMS messaging is that this could lead to defamatory or libellous remarks, jeopardising the company's reputation.

As MMS (Mulitmedia Message Service) usage becomes more widespread and users start to send colour images or even video clips from their mobile phones, the risks will only become greater.

Imagine the chaos that could be caused if several people start using picture messaging at the next office party - I'm already considering a ban!

It would be easy to assume that if neither the recipient nor the sender keep the SMS message that any dispute arising from the message would be irrelevant.

However, many network operators keep text messages for up to 12 months, so it might be possible for those messages to be subpoenaed as evidence or even requested under the Data Protection Act.

I can't help but wonder that if there are so many different issues that relate to the use of company-owned mobile devices, why is it that businesses are only just starting to realise the importance of protecting themselves?

Up until now, SMS communication has been seen as informal. And now that this image is changing, will companies start looking for recompense when things go wrong? Or is it that SMS, has been adopted mainly by Europeans and not by our litigious cousins in the US, that we have not seen any real issues in the general media?

Whatever the reason, the moment using SMS within the realms of good corporate governance becomes difficult, solutions need to be identified and implemented.

Not just for the problems that exist now, but for the future threats that SMS and mobile technologies will pose to organisations such as viruses, which are sure to come as next-generation hardware with sufficient processing power becomes available.

What do you think?

Has your company taken steps to secure your mobile usage?  Tell us in an e-mail >> reserves the right to edit and publish answers on the website. Please state if your answer is not for publication.

Sarah Carter is co-author of the white paper, Corporate Governance Issues for Mobile Communications, which is available through HarrierZeuros.

Read more on IT risk management