Are your employees oversharing on Slack?

Deploying modern, digital workplace solutions have become a prerequisite to increased team collaboration. One of the most visible (and obvious) examples of this are messaging and chat applications.

Where email was once the tool of choice for internal team communication, services like Slack have today become the default option for many.

However, I’ve noticed a disturbing shift in the way these tools are used.

As a tool like Slack becomes more commonplace in the workplace, employees become increasingly confident in using it. Where Slack began as a convenient and immediate way to share innocuous team updates, ask questions, and share company announcements, I’ve spoken to several CIOs who fear it’s increasingly being used to share confidential company and even client data between teams, and even international offices.

A culture of B2B oversharing

Here are some of the challenges that CIOs tell me they’re facing when deploying team chat services like Slack.

• Because there’s no end-to-end encryption with Slack, Slack employees have access to user data, including messages according to this report from Gizmodo.
• If confidential information is shared in open channels, it becomes searchable by all company employees. This may put the company in violation of any contractual obligation to protect client data, or expose internally sensitive information outside of the intended recipients. In some circumstances it could also be in breach of GDPR regulations if proper consent has not been requested from the customers.
• If an employee with the Slack app loses their phone, that information, or shared files, could be exposed if the businesses doesn’t have the mobile device management tools in place to immediately, and remotely lock and wipe the device.
• Employees are using Slack integrations to connect the service to other corporate systems (such as Salesforce, and Workday), without really understanding how these integrations work and the data that is being accessed.

Should you consider an end-to-end encrypted team messaging solution?

Messaging and chat tools are appealing to users for their immediacy, and ability to share knowledge and foster greater team collaboration. However, when users dont understand the security risks sufficiently well, and information falls into the wrong hands and is leaked, or breached, it can result in unhappy clients, reputational damage, and even regulatory action.

That’s why more and more businesses consider Slack a no-go, and are turning to more secure alternatives – like Wire, which offers true end-to-end encryption.

For organizations that demand complete security, end-to-end encryption across employee communication is the number one priority. That’s why Wire is the perfect enterprise messaging and chat solution for sharing confidential information.

It’s more secure that email, and other messaging apps, and uses end-to-end-encryption, with forward and backward secrecy (so that each new message and interaction uses a new encryption key). This ensures messages are completely secure and protected from man-in-the-middle attacks. Not even Wire has access to the conversations.

What I've also learned from CIOs is that any tool must be usable. Offering a consumer-like experience is key to ensuring employee adoption, and mitigating the risk of employees finding their own, non-mandated solutions.

Tipping point

Businesses are reaching something of a tipping point. Collaborative tools like team chat and messaging meet a very real user need, and are increasingly welcomed by employees. But it’s vital that CIOs understand the use cases.

For anything more that innocuous team chat, it might be time to explore a more mature, and end-to-end encrypted alternative that meets both the users’ need for usability, and the businesses need for data protection and file security.

Morten Brøgger, CEO, Wire