Text Messaging Top 10 Best Practices
Text Messaging 10 Best Practices – As more data is moved from one mobile device user to another more sensitive and confidential information is exposed to the potential of data leakage. Janco Associates has found that the 10 best practices below help to minimize risk and meet mandated compliance requirements.
- Use encryption – The text message must be communicated from the sending device, through the mobile provider or a software application to the recipient’s device in an encrypted manner.
- Keep your encryption key private – The encrypted text message should not be decrypted and stored on the cellular or network provider’s systems in ways that can be accessed by unauthorized personnel.
- End-to-end encryption should be followed – Both the sender(s) and the receiver(s) must fulfil the encryption requirements for the message in transit and at rest.
- Monitor and report violations – Report all unencrypted text messages that are received or sent out that contain any sensitive and confidential information immediately to the Chief Security Officer (CSO) or CIO.
- Clean up devices on retirement – Devices used to text sensitive and confidential information should be sanitized upon retirement of the device. They should be securely wiped when they are returned or an employee is terminated or quits.
- Passwords are a must – The mobile device and/or secure texting application must be password protected; this feature must never be disabled and is subject to audit or spot check at any time.
- Automatic lock down should be implemented – The mobile device must be configured to lock automatically after a period of inactivity (not to exceed 5 minutes).
- Minimize information sent – All text messages containing sensitive and confidential information should be limited to the minimum information necessary for the permitted purpose. Multiple identifying factors (e.g., full name, date of birth, medical record number, social security number or condition specific information) should not be used.
- Spell things out – Do not use shorthand or abbreviations.
- Check your work – Review texts prior to sending to ensure accuracy. Beware of auto-correct functions.