Instant messaging has evolved quite a bit since the late 1990s when people would use them to communicate with each other on a real-time basis. Cut to today, where we are spoilt for choice with a large number of messenger apps that are available from several companies.
Evolution of messaging
In this era of technological advancement, messaging platform developers are constantly innovating. They have not only changed our personal communication, but there has also been an evolution in the way we work and the tools we use to communicate with our colleagues. Earlier, workplace communication was all about memos and notice boards, gradually shifting towards business email and today to team collaboration platforms.
As organizations move to team collaboration apps, it makes them more agile and connected to each other. The key factor leading to this shift is the fact that employees now have the freedom of remote working along with a more collaborative environment.
While all these platforms bring in expediency to our lives, the risk factor from a technology point of view is also high. A very recent example of a security breach is that of an employee of a pharmaceutical company who was arrested for giving away data of the company’s recent transactions to an employee of a business competitor. The data breach included names of the firm’s customers during this period — about 5,000 contact numbers, total payments customers had made to the firm and details about discounts that they were offered. The transactions were worth several hundred crores of rupees.
So where does the problem lie?
The challenge lies in terms of how organizations make use of generic messaging platforms that are not meant for professional communication. Therefore, the people with authority need to understand that as technology evolves and is adopted, businesses need to continuously evaluate existing apps to determine whether they provide sufficient security for corporate use.
How can CTOs tackle this?
Here are some steps that an organization can undertake to opt for platforms built and designed with enterprise security and compliance in mind. Communication is a core need for any business and they need to ensure that data privacy and control user access is in place
- Businesses should always consider using encrypted rather than decrypted messages as the latter is associated with more risks. When an organization is making use of an encrypted messaging source, the message should remain in an indecipherable format until it the recipient receives it. Hence, it is imperative to ensure employees use these encrypted apps on smartphones.
- Be wary of the industry that you operate in as certain industries are more vulnerable to attacks as compared to others. Hackers may target you for the sensitive information that you deal with. So if you’re in the business of legal, finance, insurance or travel and hospitality, a data leak can have much more severe consequences in comparison.
- Another important aspect to scrutinize is the security of emails that are sent both internally and externally. Most email providers have virtual private network (VPN) encryption technology as standard but dwelling more into the level of protection won’t do any harm. Make note that advanced encryption standard (AES) should be the preferred cipher for encrypting all communication for utmost protection.
- Last but not the least is awareness among employees. Leaders have to invest in the training of their IT teams and employees to ensure that they gain the required knowledge related to cyber security.
By Devashish Sharma, CTO, Flock