B2B Dangers of Snapchat

If you are unfamiliar with Snapchat, it is a mobile application that allows users to share images, video, text, or audio files for a limited time duration after opening, generally between one and ten second. After the time limit expires, the files are supposedly purged from the Snapchat cloud server.

From a business perspective, privacy and security are paramount. As such, this leads to hesitation in using any cloud computing due to sensitive data existing beyond the company firewall. The sensitive information found in most B2B transactions, such as product launch details, changes in pricing, banking statement details, or identify personal information, is at risk for deliberate hacking security breaches (as occurred recently with BitCoin exchanges or Adobe) or unintentional leakage through misdirected traffic (as happened with the IRS and reported tax frauds).

In addition, Snapchat’s substandard encrypted data transmission opens the possibility for data mining, either by Snapchat directly or by a third-party intercepting their outbound packets. This could easily lead to devastating results with competitors able to understand input costs and overheads, profitability margins, and any proprietary efficiencies.

Beyond the server level security, the issue of end-user confidentiality arises, and cannot be easily controlled. In the first instance, there are the two options of taking a screenshot of the limited time message or taking a picture of the display with a second device. Both of these actions lead to a second, uncontrolled copy of the original message, which is problematic from a B2B perspective.

In addition, expired Snapchat photos aren’t deleted from the end-user’s device nor are they guaranteed to be deleted from the Snapchat server. Within a folder named “received_image_snaps” both as yet unviewed as well as expired images can be found and duplicated. Snapchat’s security relies on lazy/unknowledgable users from finding this directory, which in not the best method of dealing with sensitive information.

This leaves two slim methods of B2B use of Snapchat. In the first case with a trusted end user, encrypt the message prior to sending through Snapchat, and send the encryption key directly to the end user. This will act as a second layer of protection beyond that offered by Snapchat. It also protects your data in case it is not actually deleted from the cloud server once viewed. The second case is transmission of non-sensitive information, which can be undertaken without concern about enduring copies of the message.