Check out all the on-demand sessions from the Intelligent Security Summit here.
Across today’s enterprises, electronic communication channels like Slack, Zoom and WhatsApp have revolutionized business communication and become vital to business continuity, collaboration and remote work. While convenient and necessary for many organizations, this massive shift in the way we communicate also brings significant risk, including compliance and security concerns that could result in disastrous data leaks and debilitating fines. This is a problem on a global scale. Wall Street’s biggest banks have already faced a combined $1 billion in fines because of employees using encrypted messaging apps to communicate and conduct business, and the UK’s Financial Conduct Authority (FCA) is warning firms to find alternatives to WhatsApp.
And it’s not only those in regulated industries who need to address this new wave of employee communication. Organizations of all types, including those in the private sector, are susceptible to risk when employees are overly reliant on electronic communications applications. Beyond business risk, the unsecured nature of these services has led to a significant increase in sexual harassment, racism and market abuse on these now crucial and necessary business channels. Trolling online has become commonplace, and unfortunately it has seeped into today’s work-from-home culture. Being physically separated has not reduced the number of racist or sexist incidents, but instead, has led to a rise in microaggressions.
To mitigate these risks associated with electronic communication applications and to combat market abuse, firms must focus on monitoring and understanding the data within these channels to decipher the context and determine whether any prohibited activity is taking place. Conversations over communication channels always leave a trail to any misconduct in the workplace, making it imperative that organizations possess the tech-enabled tools to properly manage and monitor the data found within these applications.
Communication application sprawl
Organizations now have to adapt their policies and procedures to meet the communication expectations of both employees and valued customers, or continue to pay the price for not doing so. This means organizations are constantly adding new communication channels to communicate both internally and with clients and customers. Today, people are using more devices and channels than any other time in history, making it even more difficult for organizations to keep tabs on who said what, what information is shared and where that information is being spread.
Intelligent Security Summit On-Demand
Learn the critical role of AI & ML in cybersecurity and industry specific case studies. Watch on-demand sessions today.
WhatsApp, Zoom, Slack and other electronic communication channels became necessary for business continuity and collaboration during the pandemic, and now, the proverbial toothpaste can’t be put back in the tube, despite the massive risks and compliance and security concerns associated with these channels. While these tools emerged during a time when they were necessary for employee collaboration, a recent survey of enterprise employees found that more than half of respondents thought that collaboration tools were a problem, despite the various channels that had been made available over the past year. To keep employees productive, and protect the business from risks, it’s best practice to simplify communication channels, choose which work best both internally and with clients, and eliminate those deemed unnecessary.
Once an organization defines parameters around which communications channels can and cannot be used, the next step is ensuring all conversations are being monitored for nefarious behavior as well as archived in case future problems arise. Historically, when only phone and email conversations needed to be archived, organizations typically used onsite archiving software; however, in today’s evolved business communication world, where we also have to account for video conversations, text messages and other types of electronic communications, cloud-enabled solutions have become necessary for many organizations that wouldn’t have considered such a move pre-pandemic.
In addition to regulator fines and the potential for a toxic workplace, these communication channels can also lead to business-threatening data leaks, especially when it comes to material non-public information (MNPI). When MNPI gets into the wrong hands, nefarious activity, like market abuse, often follows. To protect against this, security teams must develop parameters for language and messaging that are considered MNPI before determining which employees are privy to what information. From there, modern proactive surveillance technology should be able to alert for MNPIs mentioned improperly so the surveillance team can address them.
Viewing conversations as data
Today, organizations must look at their employees’ electronic communication channels as data hubs full of risks, including security and compliance concerns, that can cripple a business if not accounted for proactively. What complicates this even more is that electronic communications channels are evolving — what’s used today will not be used tomorrow, so solutions must be adaptable in order to address future concerns as they arise and develop.
Just as communication channels have adapted to today’s business age, the solutions required to protect organizations are also evolving, with new, cutting-edge solutions hitting the market every day. What’s key is that organizations recognize the significant weight in this business communication shift. These electronic communication channels are where business is happening, so monitoring and securing communication data must be a core function for the organization.
There’s no doubt electronic communication channels bring great advantages that today’s enterprise rely on. However, they also come with great risks on both the regulatory and reputational side, risks that can crush a business if not accounted for properly.
Shiran Weitzman is CEO and cofounder of Shield.