It seems most people are looking for love in all the wrong places – quite literally. According to a report by Reuters on a recent IBM study, about 50 percent of people surveyed copped to using a dating app on a work device. When you consider that the study also found that 63 percent of Android's mobile dating apps have significant vulnerabilities, the issue becomes clear: employees' romantic lives can lead to data breaches for their employers.
If an employee uses a dating app with a security weakness at work, their device can be a foothold into the small business's network. IBM opines that when using a dating app and waiting for a message from a stone-cold fox, users might have their guard down more so than when they check their email or browse the web.
In other words, in the excitement of a new notification, they might click malicious links or share information they would otherwise be careful not to divulge. After all, who doesn't talk about what they do for a living or where they work with potential dating partners? In the context of getting to know someone, those "prying" questions may seem like par for the course.
Say, for example, a small-business employee is browsing local cuties on a compromised dating app while at work. Hackers can exploit the lovelorn user by…
- Sending a phony phishing message crafted to glean sensitive work information.
- Remotely accessing a phone's camera or microphone to eavesdrop and collect confidential information (e.g., from a business meeting).
- Accessing GPS data to stalk the target.
- Stealing a user's billing information to make fraudulent purchases.
Given that bring-your-own-device (BYOD) workplaces are on the rise (especially among smaller businesses), this is an issue that small-business owners can't afford to overlook. When an employee uses their compromised smartphone for both work and play, your business's data security hangs in the balance. You want your employees to use their mobile devices to benefit your business, not to inadvertently put in it in a hacker's crosshairs.
It's Not You – It's My Data Security
So how real and pressing is this problem of vulnerable dating apps, anyway? Consider the following:
- About 31 million Americans have used a dating site or app (e.g., Tinder, OkCupid, or Match), according to a 2013 Pew Research Center study [PDF].
- By 2017, 50 percent of employers are likely to require employees to supply their own devices for work, according to a survey by Gartner.
With the prominence of dating app users and BYOD workplaces, there's infinite potential for havoc when these forces combine. (For more about smartphone security, see "Use Mobile for Business? Your Cyber Liability Is Probably Through the Roof.") At this point in time, IBM reports that the dating app risk has yet to come to widespread fruition, but that doesn't diminish the danger.
Protecting Your Data: A Labor of Love
If you have a pulse in the 21st century, you know how dastardly data breaches can be for a business. Between the bruised reputation, credit-monitoring costs, and lawsuits, even major retailers can be financially shaken by a breach.
What you may not know is that small businesses are significantly more likely to be targeted for a cyber attack. (More on that here: "Top 8 Data Breach Misconceptions.") That's why it's important to stay on top of new risks and do what you can to mitigate the exposure. In regards to the recent dating app threat, you can…
- Encourage employees to refrain from logging into dating apps while at work.
- Educate your employees about the risk so they don't divulge private information when responding to messages.
- Train employees on the importance of using unique passwords for every online account.
- Teach employees how to apply the latest software patches to protect their personal devices used for work.
As a failsafe, be sure your small business also has Cyber Liability Insurance, which can help pay for data breach response costs if your risk management moves aren't enough. Read more about how this policy protects your business in the post, "Analysis Shows Less than 3% of Small Businesses Have Cyber Liability Insurance."