Zbyněk Sopuch is an experienced CTO at the Czech company Safetica, which specializes in company data protection. In his commentary for Euro.cz, Zbyněk analyzes the safety concerns about popular communication platforms and provides managers with some advice on preventing unwanted leaks of valuable company information.
- The volume of data transmitted through instant messaging platforms has more than doubled over the course of the pandemic.
- The first lockdown in spring 2020 led to a 50%increase in data transmission over the Internet, whereas external devices were the preferred method pre-COVID. A large leap also occurred during the fall of 2020 and spring of 2021, when the intensity of online communication increased by an additional 30%.
- Platforms for team communication, such as Microsoft Teams or Zoom, experienced a gigantic boom, as did private instant messaging platforms.
- This trend has its drawbacks, especially for companies and the safety of their data.
There are many platforms for private communication, and employees often like to use their favorite instant messenger for work. This phenomenon is called “Bring Your Own Service.” However, this brings significant new threats – both technical and legal. It is possible to substantially reduce the risk of sending internal data if managers avoid basic mistakes and thoroughly enforce appropriate employee policies.
Private and work communication don’t mix!
Back in the day, the main security threats used to be private email and data storage. Today they’re private chat and cloud. Practically everyone uses company emails, and the new threat is mixing private and company communication. While it’s quite common for an employee to lose a flash drive with internal data or have their company laptop stolen, it is even more common for them to use private email, unsafe cloud storage, or an instant messenger for work purposes.
This kind of communication and data transmission is convenient and has clear advantages, which is why companies shouldn’t try to ban it, but face it. From the data security point of view, companies should choose appropriate and user-friendly tools and ensure their use for company communication and data transmission. This way, employees will not need to take shortcuts and use Messenger, WhatsApp, and other popular instant messaging platforms. However, every tool can be used wrongly, including B2B communication tools. Pay attention to setting up rules and educating employees.
How can I keep control over company data?
When selecting which communication tools to use in your company, it is important to check whether the data is stored permanently. If it is permanently accessible from anywhere, you lose control over it and risk leaks. It is key to select B2B tools that allow you to control access and connectivity. And just like with your company cloud, it is vital to have strong two-factor authentication.
I would ideally avoid all instant messaging applications for private everyday communication that we use for chatting with friends and family. These applications belong on private smartphones, not on company laptops. The main exception is communication with customers through company accounts on social media. However, it is still necessary to set up two-factor authentication and use appropriate tools to secure company data to keep important information from leaking.
Almost every platform has had security issues.
Practically every communication platform from Facebook Messenger and WhatsApp to Microsoft Teams and Zoom has had security problems recently. It is worth using a service that tackles these problems head-on. A useful hint is the service’s willingness to inform users about these problems and the time it takes to fix them. When the fix takes a long time, it is more likely for the mistake to be exploited by outside actors. As soon as information about a potential security hole gets to the public, many hackers/crackers try to abuse it, especially from Russia and China. This is why it is important to take a good look at the history of the service and evaluate how flexibly and quickly they can react.
The volume of transferred data will continue to grow
Aside from data leak prevention, it is also good to plan for the future. The active use time of communication platforms has doubled over the course of the pandemic and will surely continue. The same goes for the use of video calls and overall internet traffic.
Safe company communication and data sharing are complex issues that require a responsible approach from both management and employees. It is futile to try to fight the trends. It is better to understand them early, set up appropriate rules, monitor possible threats, and prepare scenarios to minimize current and future challenges. You can ask your employees what tools they like to use and why and then offer them a similar but more secure alternative. It also serves as a good reason for you to switch platforms.