The importance of protecting your metadata.
You don’t need to know what is being said in a conversation to know it is significant. Sometimes just knowing that someone is talking to someone else gives adversaries, competitors, unfriendly nation states, tabloid journalists/paparazzi all they need.
So just because your mobile conversations are encrypted, doesn’t mean all the information is encrypted and therefore unavailable – protecting your metadata and understanding exactly who has access to it, and what they might do with it, is every bit as important
What is metadata?
Metadata is ‘data about data’. Most people don’t give it a second thought when communicating digitally. In effect, it’s the envelope with the address of the person to whom you are sending a letter. The postman can’t read the contents of the letter, but they know that you sent a letter, where from, who to and when. In most western regimes the contents of the letter, email, voicemail, etc., is protected under civil liberties and human rights, but more and more governments are legislating so that they have a right to interrogate metadata, with ISPs and telcos legally obliged to keep these records.
Where were you – who did you speak to?
Information like your location, who you spoke to, when, for how long and how often, can give plenty away without having the details of what was said. As a simple example, if two companies are negotiating a sensitive deal, it is fairly easy for hackers to see the calls being made and received, who they were to/from and this could be all a competitor needs to gain a commercial advantage. There are many examples where privacy is paramount to protecting an organisation: a team of lawyers working on a corporate merger or acquisition; a defence contractor completing the final details of a supply deal; or a pharmaceutical company discussing the results of the latest drug trials. Alternatively, for a high net worth individual, having a journalist learn that they have called a drug rehabilitation clinic could be enough to ruin their reputation.
It’s cheap and easy to find out if you are not careful!
Simply encrypting the email, voice call, attachment or text message doesn’t provide total security because metadata is still available. Even entry level criminals or script kiddies can access technology (such as IMSI catchers/fake base stations, SS7 hacks, etc.), that enables them to harvest your call and location metadata, for just a few hundred pounds.
And that’s not all – if you use a free app, such as those that are owned and controlled by social media companies, they also control your metadata. They can, and do, use that information for their own ends, and pass it on to others. Metadata is a valuable commodity, which is being bought and sold!
If your staff need to communicate while out on the road, from a mobile device, and you need to keep commercially sensitive information and intellectual property private, speak to us now.
Call: 020 36 37 38 01