How to Keep Text Messaging Inside the Business Secure & Compliant
Text messaging has taken on a life of its own in the enterprise, providing a sure-fire way to grab a colleague's attention quickly and all but ensure an instantaneous response. But all this text messaging comes with a gotcha. While the business can benefit from such efficiency, text messaging used in such an unrestrained manner can put a business in jeopardy of being noncompliant and at risk of security breaches.
Consider the use of text messaging among business colleagues using any old messaging apps from personal devices, for example. Consumer-grade messaging apps like WhatsApp or WeChat can be vulnerable to hacking and other threats, making those business conversations open to interception by malicious third parties. What if those messages contained sensitive financial or personally identifiable information on an employee or customer?
When business users send each other text messages via unsanctioned apps, IT has no visibility into the information riding over such services. They can't archive those business conversations, and wouldn't be able to find them during discovery proceedings -- which may very well mean the company fails to meet regulatory compliance mandates.
Tough as drawing a line between acceptable and non-acceptable use of messaging may be, businesses must do so. For one, they must put firm policies in place that define what types of communications workers can exchange on personal devices through SMS and other types of messaging, and back up those policies with user education. Additionally, businesses must implement messaging platforms that can provide compliance and security while allowing users to rely on texting as a means of reaching out to colleagues.
While a business-dedicated messaging app is the strongest way to differentiate between personal and professional messaging, some businesses like to use containerized mobile app deployments as a way to secure communications apps and software. Mobility management software suites often provide the means of containerizing apps, and can offer secure versions of peer-to-peer messaging along with other popular business tools, including email, browsers, and calendaring. On the downside, this type of solution can be difficult to implement in BYOD environments.
Businesses that do allow personal device use need to look for a secure/compliant mobile messaging platform that provides auditability -- i.e., message retention and archiving -- and encryption, both of the communication channel itself and data while at rest.
And businesses that deal with sensitive data, especially if they operate in regulated industries, would do well to seek out vendors that can provide a dedicated messaging service that handles encryption as well as the storage and archiving of text messages for legal discovery and compliance. A cloud-based service is particularly beneficial, allowing businesses to centralize all the messages and communications among employees.
Learn more about the challenges of text messaging in the business world, and discover how AT&T's Business Messaging platform can help address those pain points in this IDC whitepaper, "Business Messaging Balances Speed and Convenience with Security and Compliance."