After Slack was hacked in 2018, many experts were pointing to WhatsApp as the most secure mega-messenger on the market. However, more recently, WhatsApp experienced their own data breach.
Where does that leave us? If WhatsApp and their gaudy security team can get hacked, what hope do the rest of us have?
Here are a few key lessons that businesses can glean from this (or any) data breach.
Timely and Transparent Communication is Key
Facebook was heavily criticized for slow and sluggish communication to their users about what exactly happened.
In today’s marketplace, many consumers somewhat accept that their information will be compromised at some point. They don’t love it, but they accept it. However, what they are less willing to forgive is a lack of transparent communication from the company.
This is why you need an emergency data breach communication plan, prepared well in advance of an actual breach. Your company needs templates standing by with approved boilerplate messaging for all levels of company communication. This includes:
- Internal communications to report the breach to your staff
- High-level messaging for the company’s website, press release, and social media
- More granular messaging for front-line customer service
Take the time required to create this messaging, get it approved by stakeholders, circulate it, and make sure everyone’s responsibilities are clear.
The Bigger the Name, the Bigger the Bulls-eye
WhatsApp’s tagline in the Google Play store was, “Simple. Personal. Secure.” That almost seems to be daring hackers to have a go at it.
This latest breach is far from an isolated incident. In fact, every single company in the Fortune 100 has experienced some sort of breach in recent years. The battle between security staff and hackers has reached Game of Thrones levels of intensity. Don’t believe us? You can click here to read more about that comparison.
This means that companies need to be more diligent than ever in safeguarding their data. The first step is to choose the most secure possible facility for your offsite data.
Mobile Devices are Very Vulnerable
Despite both Google and Apple being the two biggest brands in the universe, with two armies of the best minds in the world working full-time to make each respective OS as secure as possible, neither could prevent this attack from reaching mobile users.
Companies that have a fleet of employees with company-issued or bring-your-own-device smartphones in their employees’ hands need to take extra precautions to protect their data. In most cases, a mobile threat defense solution should be rolled out across the whole fleet.
Employee Training is Key
Human error was not the cause for the WhatsApp hack, however, it remains the cause of nearly 50% of all data breaches.
Any organization needs to make employee data security training (and up-training) a constant priority. Front-line employees are the gatekeepers to any company’s sensitive data, and they need to be made aware of all of the risks and best practices. They also need to know that a single misstep can bring down an entire network.
We all have the opportunity to use high profile data breaches as a cautionary tale and an opportunity to see what we can all do better. In the case of WhatsApp, the key takeaways are to expect to be attacked (particularly if you’re a big company), prepare yourself accordingly, and communicate openly if it does happen.
The companies that do these things can more easily mitigate the damage, control the conversation, retain their customers, and protect their reputation.