Greatest challenge to secure enterprise messaging = employee education

September 19, 2018

men in cafe on their devices

For CIOs and IT teams, the debate over which secure enterprise messaging app to use is typically fought over the level of security on offer. However, for business users, the decision is often less clear, and typically the result of poor understanding.

New research has highlighted that many people remain unclear over the level of protection offered by secure, end-to-end-encrypted (E2EE) messaging apps, when compared to basic services such as SMS text messaging (and even phone calls).

In the research, 50% of users incorrectly believed that SMS and landline phone calls were more secure than E2EE messaging apps. 75% also incorrectly believed that communications shared via tools which leveraged E2EE could still be intercepted by unauthorized parties.

The findings suggest that enterprise IT teams need to take more time to explain the benefits of secure messaging apps to their business users, rather than relying only on technical terms such as “end-to-end-encryption”.

Better user education

IT teams have long battled to control, and mandate, the use of messaging apps for the sharing of confidential company information.

However, for most, standardizing on a single messaging tool is simply not an option.

From email to Slack, enterprises today are comprised of multiple communications channels – each serving a different use case. If this research tells us anything, it’s that IT teams must now make additional efforts to educate business users on the appropriateness of the messaging apps on offer to them, and how they should be used for different types of content.

Slack (which doesn’t provide end-to-end-encryption) offers a perfect example.

While not cited in the research, I’ve spoken to several CIOs who fear it’s increasingly being used to share confidential company and even client data between teams, and even international offices. Of course, these CIOs aren’t suggesting that Slack is a bad tool; but they do acknowledge that it has its limitations.

For example, if confidential information is shared in open channels, it becomes searchable by all company employees. This not only puts the company in violation of contractual obligations to protect client data by exposing sensitive information outside of the intended recipients, but in some cases it might even represent a breach of GDPR.

The disparity between actual security, and perceived security is also visible in the form of your ubiquitous video conferencing solution. One recent survey found that 70% of business professionals said it was normal to discuss company confidential information on calls – despite that fact that many of the most well-known solutions don’t offer E2EE by default.

Help users to navigate the options available to them

As an IT professional, your decision to invest in a secure messaging app (such as Wire), is just the first step of your journey.

Your business users will have access to a number of collaboration and messaging tools. They will also have many different use cases. Help them to navigate the options available to them, so that they can better understand the levels of privacy and security offered by each.

Ready to try Wire?

For organizations that demand complete security, with full end-to-end encryption, Wire is the perfect enterprise messaging and chat solution.

It’s more secure than email, and other messaging apps, and uses end-to-end-encryption, with forward and backward secrecy (so that each new message and interaction uses a new encryption key). This ensures messages are completely secure and protected from man-in-the-middle attacks. Not even Wire has access to the conversations!

Start your free trial or get in touch with our team for a expert session.

Morten Brogger, CEO, Wire

Back to all posts