Proven Legal Technologies – the corporate forensic investigation and e-disclosure firm, today unveils the top five things employees have stored on their smartphones, revealing the dark side of Bring Your Own Device (BYOD).
Proven Legal Technologies’ exercise involved the purchase of four random smartphones from eBay – each from different sellers around the United Kingdom. The content was forensically analysed, revealing a surprising amount of information about previous use, including detectable company data that has previously been ‘wiped’ by their owners.
Using personal devices for corporate activity can increase flexibility and efficiency, but Proven Legal Technologies’ research found that employees are storing confidential company information on their smartphones, which poses a serious security threat to businesses.
The top five items detected on ‘wiped’ devices include:
1.Documents and files
Between the four smartphones analysed, 1,531 deleted files and documents were recovered, many of which were confidential business records and valuable intellectual property.
2.Messages and calls
With 1391 calls, 442 SMS, and 438 emails tracked and stored, any fraudster that uncovered the discarded devices would have access to corporate communications and details. With most businesses unware of what employees send and store on their phones, they will not know what has been passed on with discarded devices.
54 deleted contact details were located on the smartphones, with a further 10 that had not even been wiped. With some criminals using phone numbers and email addresses to target victims, careless employees could be putting their colleagues and company at risk.
The previous owners of the four analysed phones unknowingly made their web searches and location data accessible, with 351 search histories stored, and 525 instances of deleted location recovered.
33,535 images were found on the second-hand devices. Individuals could put themselves in danger by storing personal images on their mobiles, and pose serious threats to their company’s reputation by releasing indecent shots into unknown hands – 66% of the pictures recovered had not even been deleted.
Phil Beckett, partner at Proven Legal Technologies, comment “Companies – and individuals – must be aware that pressing delete is simply not enough. Businesses of all sizes are vulnerable to confidential data loss, and given the vast amount of information housed on corporate devices these days, this could result in some very serious problems.
“Our research shows that even smartphones that have previously been ‘wiped’ are still at risk from detection. This should act as a call to action for businesses to take precautions around BYOD schemes, and keep a close eye on where confidential is being stored and sent – educating themselves, and employees, of the dangers.”