WELCOME TO BROWN’S BYTES! YOUR WEEKLY INSIGHT FROM MOBLICITI’S CTO ANDY BROWN. FOLLOW #BROWNSBYTES
13th April 2018
The recent revelations about both the level of data Facebook collect and their controls over it are clearly concerning on a number of levels, but the key thing here is that the Smartphone is often the source of this rich data.
Since the dawn of Social Media there has been friction relating to its place in the Enterprise and how to control it.
Initially this was just about locking down the browsers to stop staff wasting time, but over time this evolved as smartphones and tablets were deployed.
The simple solution on Corporate devices was to block all the Social Media Apps and whitelist only acceptable Apps. However, the problem with this was that IT were seen as the fun police and where accused of turning these fancy devices into black bricks.
Demand for BYOD was arguably born out of these bricked devices being compared to all the things that could be achieved on a personal device. So, the challenge was now on to build firewalls on the device between Corporate and Personal data. Cue containerisation, whether at App or OS level.
But there is always an area that personal and corporate data tends to overlap.
This is the Contacts.
Are Contacts personal or corporate information? I’ve sat in very long meetings in a previous life discussing this…. precisely because the answer is both!
Now overlay that with modern Social Media Apps. They all “need” access to your Contacts to function and they then access them constantly in the background (it would seem they not only want to know who the contacts, but also precisely when these links were formed). On a BYOD device this will almost certainly mean that Business Contacts are therefore being scraped and stored by the Social Media giants. Facebook probably has a better map of how networks are formed inside organisations than the organisation itself… an org chart of how the company actually interacts with itself (and others).
Now consider LinkedIn – I’ve seen a number of very security conscious organisations that allow this Social Network on all browsers and Corporate devices. Facebook is a no-no, but LinkedIn is fine… yet they basically do the same thing from a security perspective.
Unfortunately, the genie is out of the bottle now. Whether you like it or not everyone’s name, job title, company, email address, phone number and more has been captured by the Social Media firms and we now know this can be shared as they see fit. Even if you have heroically controlled the data perfectly your end, the reality is that via external contacts this data will have been collected anyway!
Please get in touch if you’d like help making sure your phones are secure and to limit what else the Social Media firms can collect of your Enterprise data.