According to a survey conducted by Ponemon Research, 90% of companies surveyed had a network breach by hackers in the past year. With the rise of self-destructing media, enterprises are beginning to use apps similar to Burn Note to improve business practices. Could apps like Snapchat provide valuable suggestions for updating corporate data retention policies to provide greater security?
Initially, Snapchat may have seemed like a silly app to the the corporate world because businesses didn’t see the point of sending silly disappearing picture messages. By disabling screenshots, although not 100% effective, many users were confident in the app’s ability to permanently erase their picture after several seconds. In May, 700 million photos and videos were shared per day via Snapchat.
Since Snapchat’s creation in 2011, then called Picaboo, the app has been paving the way for disappearing media. Starting with just disappearing pictures, the app expanded to disappearing videos and messages. In October, Snapchat gained additional recognition as a social media platform with the introduction of “Snapchat Stories” which shared selected disappearing media with your entire contact list within the app for 24 hours. Snapchat has been the dominating app for disappearing messages, but iOS 8 is making a move in that direction.
Do these self-destructing content apps have the right idea for enterprises? While all the details of the new iOS 8 update are yet to be unveiled, we do know that audio attachments in iMessage are automatically set to erase unless chosen to be kept in the conversation thread, as demonstrated in the WWDC keynote presentation. The concept of automatically deleting files could create better security measures for enterprises while also reducing costs of storage.
Improving Data Retention Policies
Are you protected against outsiders gaining access to internal documents, insider information, and more? One of the best ways to protect your enterprise could be to not have any documents available as they already expired after a set period of time. Nondisclosure Agreements only protect companies from authorized employees sharing confidential information. How is your enterprise protecting itself from unauthorized viewing and sharing of information?
Do you ever remove documents, contracts, or other files from your computer? Unless you are running low on storage and need to free up space, it is likely that you still have almost every file that has ever been on your computer since you bought it. If you transferred files from your previous computers, the archives could go back 5, 10, or even 20 years. Some of the data contained within your files is meant to be seen by only a select number of authorized people. You may have no intention of purposefully leaking or sharing the data, but what about the hackers that have worked their way onto your network? If you are hacked, an intruder now has access to every file and internal document saved on your computer. Your enterprise would be liable for exposing confidential client information, trade secrets, and more that could potentially damage the reputation of the enterprise.
Large enterprises typically have data retention policies in place that automatically delete email after a certain time period. This practice could be expanded to all company files stored on employee computers. An enterprise could choose a customized time interval for expiration of all files after the completion of projects. Not all files contain sensitive information therefore it may be ideal to have a toggle switch at the top of each file viewing window for employees to use their judgement in turning off this setting as an indication that a document does not contain sensitive data and can be safely retained for future reference.
This may also be a beneficial practice to extend to internal communications to improve data retention policies. Much of the communication that was previously done over company email has shifted to text message and alternative digital mediums making this more important than ever and perhaps a step in the right direction for protecting enterprises. It has been a long time custom practice for emails to be automatically deleted. With more and more enterprises using text message, Skype, HipChat, and other platforms to exchange messages between employees, enterprises must consider how to extend data retention policies to all communication methods.
Should all communication and attachments automatically expire? Burn Note, another self-destructing content platform, is more friendly for enterprises. The app allows users to set time limits for viewing after a message is opened. Once the time is up, the message is deleted from both devices. Users also have the option to take back a message, deleting it before it’s even opened. Burn Note’s Privacy Spotlight limits the information that can be captured in a screenshot. Messages are able to be sent as a weblink to non-Burn Note users. Features of Burn Note can help to build the ideal self-destructing context platform for use by enterprises as a part of data retention policies.
What if companies were able to gain valuable insight from self-destructing content platforms? Although these procedures will not entirely stop the leaking of customer data, insider information, and trade secrets, such features have the potential to dramatically reduce the threat and potential damage. It is important to put in place as many protections as possible to protect your company’s data and reputation.