Today, Theta Lake announced it added new capabilities to the Theta Lake Risk and Compliance Suite, a software tool that helps ensure secure communications meet industry compliance guidelines for unified communications and collaboration (UCC) platforms such as Microsoft Teams and Zoom and other collaborative workflow platforms such as Asana and Box. Theta Lake primarily sells into the financial services, health care, and public sector verticals.
The new capabilities extend and/or enhance Theta Lake’s three core functional areas: Unified Capture, Unified Search, and Proactive Compliance.
Unified Capture
With Unified Capture, Theta Lake’s customers capture interactions within UCC tools – e.g., a voice call or email, as well as the content of those interactions, between broker and client. Theta Lake now captures content and modality types such as Zoom AI Meeting Companion, Verizon SMS and MMS, visual content and audit logs for whiteboards; omnichannel social and mobile messaging app capture for RingCentral CX, and more.
The following graphic shows Zoom Meeting and Zoom AI Companion Meeting Summary captured by Theta Lake.
In its Compliance & Security Report 2024/25, Theta Lake found that 35% of the surveyed financial services firms used 7 or more UCC tools and that 46% of firms expected greater use of enterprise social collaboration tools, as well as file sharing (48%) and workstream and/or project management tools (60%). Forty-seven percent of the surveyed firms expect to use more UCC tools in the next year.
“A conversation like we’re having now started in email. [During the call] maybe we share some whiteboard diagrams or add a screenshot, and then we continue over SMS and email,” said Garth Landers, Director of Product Marketing at Theta Lake. “Now we have a singular conversation that’s taken place over multiple channels. Companies can't apply that fragmented communications approach to compliance. They can't really follow the user so they can't really get the full context of what took place in a conversation or see how it evolved. If they try, they'll typically have gaps in terms of determining risk and understanding the overall context.”
To address this lack of visibility – which can lead to privacy, security and/or compliance issues – 54% of surveyed financial services firms have disabled some of the features/functionality of the UCC applications. Theta Lake found that one of the top disabled features was app meshing (which refers to the use of embedded apps – e.g., starting a Zoom call within a Slack). Disabling some UCC features could incentivize users to adopt unsanctioned applications (‘Shadow IT’) to communicate with internal/external customers, which obviously heightens risk for all concerned.
Theta Lake’s report also noted that 55% of firms lack visibility into how their employees communicate, nor do they necessarily have much awareness of new features bundled into the platforms themselves. For example, Zoom, Cisco Webex and RingCentral have all included their AI assistants into their UCC at no additional charge (depending on license level, in some cases).
Unified Search
Theta Lake’s product can already capture users’ interactions across modalities (video meetings, cloud phone, voicemail, email, SMS/MMS, etc.), and it allows customers to search across those modalities and then replay interactions across media type. What’s new is a generative AI capability that can summarize the content itself and show the particular risk that was detected (if there was one), as illustrated below.
According to Landers, Theta Lake uses its own large language models (LLMs) and risk classifiers that stem from use cases based on financial services requirements, data privacy requirements, information governance policies, harassment, sexual harassment, hate speech, bribery, etc. There are 85 baseline detections that come ‘out of the box’ and they can also be foundational to custom detections a company might want to implement.
“We make it really clear that there is no use of any AI in the customer environment or their data without the consent and deployment by the customer themselves,” Landers said. “Everything that our customers do with AI is driven by their decisions.”
Proactive Compliance
The improvements to Proactive Compliance include the ability to detect the use of AI assistants embedded in UCC platforms, as well as third-party notetakers such as Otter AI. Being able to identify, audit and convey that those notetakers are in use can be important for internal and/or external communications – i.e., some interactions must be recorded while others should not be (e.g., a company informing employees about the status of, and possible future plans for, a pending merger).
Landers said that the capability is labeled ‘proactive’ because Theta Lake can not only surface the risk, but it can remediate or redact content that is found to be risky. “For example, maybe someone blurted out something about a news release that is not suitable for the entire company. We can remove that not just in the archive copy but in the host application.”
Landers then clarified, saying that Theta Lake retains both the original and the redacted version. “If you edit a conversation, we retain the ‘evolution' of a chat that you and I had – the before and after,” Landers said. “We have a complete history, even to the point of someone ‘liking’ and then immediately ‘un-liking’ a post. So, we absolutely convey the entire history of a conversation, the evolution of it and user behavior over the course of time.”
Theta Lake can now also detect material non-public information (MNPI), bribery, customer complaints, and off-channel communications across 9 different languages. “We can even do so in a conversation where ‘code switching’ occurs. That’s when you and I might start our conversation in English, but we switch to Portuguese because we're afraid we're being recorded,” Landers said.
Integrations
Landers said that most of Theta Lake’s integrations are what they call ‘content source’ integrations where Theta Lake retrieves media and other content from APIs or webhooks or other supported connections for processing. “We’ve partnered with companies like Zoom, RingCentral, Cisco Webex, Microsoft, and others, and they have made it pretty easy for us to make those integrations,” Landers said.
With respect to where the digital archive of the UCC interactions is kept, Landers said that Theta Lake’s goal is not to disrupt what the customer is already doing. In many cases, customers have stood up, administered, maintained and otherwise assembled their own solutions for recording voice, capturing email and chat, etc.
“As customers expand their use of Unified Capture and move from capturing a particular content type or channel to capturing more modalities, they typically start to put more data in Theta Lake. But we encourage and support customers bringing their own storage if they’re using Azure or AWS, for example,” Landers said.
Want to know more?
For more on Theta Lake and UCC compliance, check out these articles:
- Zoom launches Zoom Compliance Manager, powered by Theta Lake.
- AI Thrives on Good Data: Two surveys highlight the need for consistent, high-quality data in building reliable AI systems.
- As companies adopt generative AI, they are often unprepared for potential security and compliance threats.
- AI Governance: A Grammarly webinar wades into the abyss of AI-related regulations (current and forthcoming), as well as some key questions to ask vendors. We dive a little deeper.
- S. Supreme Court’s Decisions Impact Enterprise Communications: Two verdicts could move technical decisions and implementation away from those who know the policies best, and lengthens the time it will take to accomplish legal adjustments to accommodate technology advancements.