OpenMarket – November 20, 2019
SMS delayed delivery and data privacy failures have hit the headlines recently.
These missteps highlight the key role mobile messaging solution providers play in the relationships between organizations and their customers nowadays.
The incidents also bring into focus the duty of care brands have to protect customers’ messaging-related data.
The cost of delayed or lost text messages
A delayed or lost SMS message between an organization and an individual can have serious consequences for both parties.
These consequences might include a missed appointment, a late arrival of an important delivery, or needless waiting around.
But messages that finally arrive hours, weeks or months late can also leave customers confused – and sometimes distressed.
Imagine these types of messages arriving long after the fact:
• “Please make an appointment with Dr Odoi between 2pm and 5pm tomorrow.”
• “Your bank account is overdrawn”
• “Someone has logged into your operating system in Newark, New Jersey.”
When application-to-person (A2P) SMS errors lead to messages arriving in the middle of the night, the distress caused can be multiplied.
What are your data-protection responsibilities relating to SMS?
There are General Data Protection Regulation (GDPR) issues involved with missing messages too.
Under GDPR – which applies to companies across the world who control or process the personal data of individuals located in the EU – all information should be stored securely and protected against any unlawful or unauthorized processing.
It should also be kept safe from damage, destruction or accidental loss.
Brands are obligated to ensure third parties who process their customers’ data (for example messaging solutions providers) protect it – and don’t hold onto it for longer than they require it.
How do you protect your customers’ SMS data?
It’s time for brands and mobile messaging solution providers to work together to secure customers’ messages and private information.
Here are six first steps you can take to protect your brand right now:
1. Ensure customer data is hosted in data centers maintained by industry-leading service providers – with state-of-the-art protection.
2. Check the security history of your mobile messaging solutions provider – and the partners they use.
3. Look for certification under ISO/IEC 27001, a global standard that certifies the robustness of security controls.
4. Find out a provider’s stated approach to GDPR.
5. Look for providers with back-up plans for hardware, software and networks.
6. Look for evidence of vulnerability management and security through the whole information processing cycle.
If you’d like to dive deeper into the do’s and dont’s of messaging security and data privacy, try our guide to secure mobile messaging.
Or chat to one of our security and privacy experts. They’d be happy to help.