How Enterprises Can Leverage SMS to Minimize Security Risks and Aftermath

By Steve French, Global VP of Product Management & Marketing, OpenMarket for InfoSec Island

In the last year, enterprises have experienced an increasing number of cybercrime incidents, orchestrated in new ways and coming from directions we’ve never seen before.

Dubbed the “year of the retailer breach,” in 2013 we saw a shift from geopolitical incidents such as the NSA leaks to large-scale attacks on payment card systems of retailers like Target. Cybercrime accounts for an estimated $500 billion in losses annually, but costs often extend beyond the financial assets and intellectual property obtained by the hacker, to expensive consumer lawsuits, corporate ‘clean up,’ and rebuilding of brand reputation. For example, the Target hack resulted in over 90 lawsuits for negligence and compensation, the ousting of its CEO, and the company paying out a whopping $61 million in collateral damages. Now more than ever, security and IT professionals are expected to quickly and effectively communicate any security/fraud incidents to employees and customers in real-time, especially those on the front line playing a pivotal role in protecting their organizations from these cybercriminals.

As a primary defense, enterprises leveraging tried and true SMS messaging within their IT, security, human resources, and emergency communications strategies is on the rise. For example, Forrester found that 86 percent of enterprise decision makers plan to use SMS in their business operations this year – the highest rate of any mobile technology across businesses worldwide. Meanwhile, 70 percent of enterprises consider SMS the most important mobile technology due to its broad reach and a high ROI with above average response metrics both of which are critical during any security emergency. This high ranking is supported by the fact that there are over 3 billion mobile users worldwide and research shows over 90% of text messages are opened and read within 3 minutes.

As a virtually ubiquitous technology enabling automation and reliable two-way communications worldwide, SMS mobile messaging has proven crucial for those enterprises with effective data security, incident management and business continuity measures in place. Here are the top three ways enterprises are using SMS technology to minimize security risks, improve responsiveness and reduce negative fallout.

1. Another layer of security

In 2013, 76% of network intrusions exploited weak or stolen credentials, which demonstrates how vital an extra layer of security is for the enterprise. Fortune 2000 companies are leveraging SMS mobile messaging to minimize their risk of security breaches with SMS-based two-factor authentication (2FA). 2FA requires the use of one-time passwords and ensures that even if username and password credentials are compromised, customer and/or proprietary information will remain protected – creating a path of higher resistance that has proven strong enough to deter most cybercriminals. In fact, these capabilities can help enterprise CIOs follow the lead of industry giants like Facebook, Google, LinkedIn and Twitter, which have already implemented SMS-based 2FA to protect user information.

2. Quick, effective and ubiquitous mobile communications tool

Enterprises are using SMS one- and two-way messaging to quickly and effectively communicate possible vulnerabilities, security breaches and system/network outages to IT first-responders, staff and customers. By minimizing human delays and rapidly getting the right information to the right people, IT and security teams can make good decisions quickly and control the accuracy of their messages both internally and externally. These critical decisions lead to faster resolution and reduce the impact on workforce productivity, business continuity, customer service and brand reputation.

3. Efficiently manage resources and encourage accountability

A network outage or security issue can quickly impact an enterprise’s service level agreements (SLAs), putting their customer relationships at risk. That’s why many top companies are also utilizing SMS to trigger internal alerts, track events through ticket lifecycle management, and manage their resources effectively during these incidents. With mobile notifications, enterprises can seamlessly notify the right staff and automatically escalate incidents to gain additional support or management visibility. SMS also enables them to conduct  customer surveys and obtain feedback about the effectiveness of their communications in order to assess and improve their performance.

As a proven and powerful tool in incident management, SMS is helping enterprises across the globe improve IT operations and management, as well as ensure business continuity and increase security, authentication and fraud protection. Responsible for overseeing mission-critical operations within their organizations, security and IT leaders need to consider SMS as a critical component of their company’s security and operations practices.