Over the past 20 years, email has been the preferred communication technology in the enterprise. Now, as workers go mobile, instant messaging is replacing email, and that’s a big security concern for IT.
For the past 20 years, most office workers, who have been desk-bound and using PCs or workstations, relied on corporate email for the bulk of their communications, including sharing documents, spreadsheets, and other files. Now, in just the past five years, the workforce has switched from stationary to mobile, with employees ditching email in favor of instant messaging (IM) apps to communicate and deliver documents.
IM is fast, easy, convenient, and geared toward workers who rely more on smartphones and tablets for productivity rather than traditional desktops.
The revolution of mobile instant messaging came several years ago from BlackBerry — a company that now also finds itself behind the times as Apple’s iPhone and Android devices dominate.
Still, BlackBerry showed business users how convenient it was to use the same device — which most of us just thought of as phone to make calls — to check email and exchange short messages through the messaging platform.
Today, smartphone-based instant messaging, including texting, is used by more than 4 billion people worldwide. However, based on a more recent report from ITU, I estimate that number at closer to 5 billion.
It’s is the most popular form of instant messaging in Asia, Latin America, and Europe, and the app is quickly becoming a household name in the US. But it’s really only in countries such as the US and the UK that consumers still do most of their instant messaging by conventional texting (SMS), since carriers offer bulk and unlimited text plans.
The advantages of apps such as WhatsApp, Facebook Messenger, Google Hangouts, and Apple Messages are enormous. People can not only send small bursts of text like SMS, but they can also send pictures and videos. The newest versions of some of these apps include free worldwide voice calls within the app between users. In addition, some apps offer users the ability to share and send any kind of attachment.
IM is so convenient that many users do not want to communicate by email at all.
New Ways of Working
Many users now consider email outdated because people tend to wait much longer to answer an email than respond to text messages. Text-messaging is also very addictive, since people are constantly waiting for the next message and continue to be engaged in the conversation, or conversations, even if there is nothing of importance to say.
A 2008 study by researchers at Ohio State University and UC Irvine found that “workers who used instant messaging on the job reported less interruption than colleagues who did not.” However, the researchers warned that “as IM evolves to support richer communication modalities, becoming a medium over which voice and video dominate text, some of the benefits […] might be reduced.”
For consumers, these technologies are great free tool to stay in touch with friends and family and share the latest pictures of the summer vacation outside of Facebook. However, they are a definite nightmare for IT managers and security officers who try to contain the flow of sensitive, sometimes critical, information outside of their networks.
Some users don’t think twice before sending passwords and online banking credentials by WhatsApp, and now WhatsApp allows sending any kind of attachments to individual users or groups, making it a desirable tool for quickly sharing any kind of information.
As with email, if you click the send button without checking, you could be exposing last meeting’s strategy minutes with a stranger, competitor, or worse.
Many corporations are now faced with a surge of IM usage as part of theBring-Your-Own-App (BYOA) trend that has replaced the BYOD problem of a few years ago.
The trend has been so challenging to IT that many enterprises decided to ban several popular apps on company issued smartphones, such as Box, Drive, Angry Birds, and WhatsApp. But the new wave of instant messaging apps and their popularity are forcing CIOs to break the walls and allow people to install them, as long as they don’t use them for business.
However, trying to control the behavior of thousands of employees is difficult. Sooner or later, someone will use a consumer app to send work-related business to someone else. This is the nightmare of IT security.
What IT Needs To Know
Enterprises using strong Enterprise Mobility Management (EMM) software, such as VMware’s AirWatch or Samsung’s Knox, can effectively manage what applications are installed. EMM can also separate work and personal data on the devices, while allowing only enterprise-approved instant messaging and email clients to be used for business communications.
However, IM usage is growing so fast that VMware is seeing a strong demand for their secure IM application, SocialCast, which works seamlessly across any mobile device and personal computers. This kind of applications allows enterprises to keep control of what is shared on IM clients and make sure nothing considered sensitive is shared outside the organization.
Same as with the BYOD phenomenon, IT needs to educate users on the advantages, and problems, of using IM for work. If the enterprise has its own IM platform, employees should be instructed and required to use it. Otherwise IT departments need to ensure some basic rules are followed by everyone and sensitive corporate data doesn’t go away on a click.