7 Tips for Deploying Secure, Enterprise-wide Team Messaging
Just when you thought you had made your network safe from the perils of BYOD, users began to bring their own file-sharing programs and other consumer-grade apps to work. Now the hot trend is team messaging, and once again users and individual departments are getting the jump on IT by adopting their favorites.
Team messaging apps—or collaboration software as they are sometimes called—expand the familiar instant messaging window into an immersive workspace with the context and content teams need to collaborate efficiently. Users love the ability to share files and calendars, track tasks, participate in group chats, and more.
Businesses also appreciate the way team messaging helps people spend less time hunting through emails and more time getting work done. In fact, many organizations are finding that email as a collaboration tool is almost broken. According to a recent study by Yahoo Labs and the University of Southern California, as users’ are inundated with a daily barrage of messages, and as their inboxes snowball they respond to only a small fraction of their messages—less than 5% when the load reaches about 100 emails a day. Team messaging lets users cut through the communications clutter to reach key team members in real time.
Have your apps gone wild?
Despite the popularity of these apps, having anything connected to your network that is uncontrolled or not properly vetted raises some red flags. First, if every group or department is using a different app, companywide collaboration suffers as users’ data becomes trapped in silos. Marketing has everyone linked on the same app, but users can’t collaborate with teams in Sales using a different platform, for example. And you lose control of costs or any ability to negotiate corporate rates from vendors.
Productivity can also take a hit if these apps are not integrated into the corporate network. For example, adding users to a group or synchronizing calendars may require manual operations.
Team messaging plus cloud-based UC takes collaboration to the next level
To deliver a true enterprise-grade solution, some companies also want to give users the ability to access phone and Unified Communications features from within team messaging apps. Integrating collaboration software with a company-wide unified communications (UC) platform offers numerous advantages. For instance, with some services, users can instantly escalate a group chat session to an audio or HD video conference. Or, for example, users can look up a coworker in the company phone directory and add that person to a team with just a click.
Keys to securely deploying collaboration software
However, the rampant rise in cyber-crime and stricter privacy regulations has made most IT organizations acutely aware of risks to corporate data. And moving collaboration—or any type of business communications—to the cloud means sending sensitive data over the public internet and allowing sensitive or protected data to reside outside the corporate firewall.
So if you are planning to deploy team messaging—or reign in a current patchwork of consumer-grade apps that have sprouted organically throughout the organization—you naturally have questions regarding security.
And since today desk phones, smartphones, and other connected UC devices have essentially become network endpoints, hackers have not overlooked the phone system as an attack surface. So deploying collaboration software as an integrated component of your business communications adds concerns around protecting voice, video, fax, and other UC content.
Additionally, these solutions typically reside in the cloud, and users access them as a service—either as SaaS (software as a service) or UCaaS (unified communications as a service). As with other apps like Salesforce, these hosted solutions are exploding in popularity because they offer much lower cost and eliminate the need to purchase and manage onsite hardware. All the software and the infrastructure it runs on is hosted in the cloud. Despite the many advantages of hosted solutions, trusting operations (including availability) and confidential data to another company can quite naturally raise some eyebrows.
So how do you deploy team messaging with the security, control, and reliability needed for an enterprise?
- First, it is critical to choose a trustworthy cloud vendor, which means an established company with ownership of its platform, many satisfied customers, and robust cloud security.
- Look for a vendor that can show evidence of independently validated security, ideally in the form of an audited Service Organization Control (SOC) 2 or 3 report.
- Avoid stealth IT by making sure the team messaging app has the same user-friendliness of consumer-grade apps, which will encourage user adoption.
- Make sure the cloud-hosted team messaging service provides state-of-the-art security, including firewalls, security gateways, intrusion prevention, and web application security, as well as anti-DDoS measures.
- Ask if the vendor’s production network is tightly controlled with strict access management—e.g., only authorized and approved users are given access.
- Make sure the vendor encrypts all traffic between clients (mobile and web) using industry standards.
- If deploying team messaging as a component of a cloud phone/UCC system, make sure the cloud communication infrastructure and voice traffic are protected with robust security.
These seven suggested best practices only cover the most important security measures. If you would like a deeper dive, download this whitepaper.