While using personal devices for corporate activity is said to help increase flexibility and efficiency, new research from Proven Legal Technologies reveals that employees are storing confidential company information on their smartphones, which poses a serious security threat to businesses.
Proven Legal Technologies’ exercise involved the purchase of four random smartphones from eBay – each from different sellers around the United Kingdom. The content was forensically analysed, revealing a surprising amount of information about previous use, including detectable company data that has previously been ‘wiped’ by their owners.
“Companies – and individuals – must be aware that pressing delete is simply not enough. Businesses of all sizes are vulnerable to confidential data loss, and given the vast amount of information housed on corporate devices these days, this could result in some very serious problems,” explains Phil Beckett, partner at Proven Legal Technologies.
“Our research shows that even smartphones that have previously been ‘wiped’ are still at risk from detection. This should act as a call to action for businesses to take precautions around BYOD schemes, and keep a close eye on where confidential is being stored and sent – educating themselves, and employees, of the dangers.”
Here are the five mistakes your employees are making on their work devices right now:
1. Documents and files
Between the four smartphones analysed, 1,531 deleted files and documents were recovered, many of which were confidential business records and valuable intellectual property.
2. Messages and calls
With 1391 calls, 442 SMS, and 438 emails tracked and stored, any fraudster that uncovered the discarded devices would have access to corporate communications and details. With most businesses unaware of what employees send and store on their phones, they will not know what has been passed on with discarded devices.
3. Contact details
54 deleted contact details were located on the smartphones, with a further 10 that had not even been wiped. With some criminals using phone numbers and email addresses to target victims, careless employees could be putting their colleagues and company at risk.
4. Private information
The previous owners of the four analysed phones unknowingly made their web searches and location data accessible, with 351 search histories stored, and 525 instances of deleted location recovered.
33,535 images were found on the second-hand devices. Individuals could put themselves in danger by storing personal images on their mobiles, and pose serious threats to their company’s reputation by releasing indecent shots into unknown hands – 66 per cent of the pictures recovered had not even been deleted.
Image source: Shutterstock