In the fight against shadow IT, CIOs have faced for more significant challenges than modern consumer messaging apps. And the popularity of apps such as WhatsApp, Facebook Messenger, iMessage and Google Hangouts has, in many cases, led to a more open IT approach to consumer communication tools in enterprise.
When IT leaders let employees use their personal devices for work, it's a safe assumption that multiple consumer messaging apps will also come into play. The onus is on the CIO and the IT team to mitigate potential problems that could come from the careless use of such apps at work, according to Adam Preset, research director at Gartner. CIOs should realize consumer messaging apps can increase staff efficiency, but they should also try to empower workers to make choices that don't threaten their organizations, he says.
Consumer messaging, encryption and the enterprise
Fortunately for CIOs, security has become a top priority for many of the companies that make these apps. WhatsApp, which has more than a billion monthly active users (MAU), made end-to-end encryption its default messaging standard in February, and Facebook Messenger, which surpassed a billion MAUs this summer, says it's currently testing end-to-end encryption. Telegram, which has about 100 million MAUs, touts itself as the "more secure" alternative to "mass market messengers." Google built end-to-end encryption into its recently released video-calling app, Duo, as well, and it plans to do the same for the forthcoming Allo messaging.
Many CIOs welcome the rise of encryption protocols in consumer messaging apps, but their concerns don't end at "send" and "receive," according to Preset. "The terms and conditions of consumer apps don't favor enterprises, and, in the best case, information transmitted within those apps is owned by the individual," he says. Absent central account provisioning, a critical enterprise feature, IT leaders are "dependent on individual chat-thread owners keeping track of who should be in a group and who should be ejected, which might mean that sensitive data is accessible to the wrong people."
Security lapses and network vulnerabilities are IT's main concerns when it comes to consumer messaging apps, according to Josh Lesavoy, CIO at Nextiva, a business VoIP vendor. "We don't have control over what is being discussed and shared on these apps, as well as who can hack into the app and access the information," he says. "Security will always be a huge concern, but we've taken a more positive approach to educating our team on the proper use of messaging apps."
Workers are more careful when IT is watching
Lesavoy tries to limit the negative potential impact of consumer messaging apps by reinforcing the need for employees to be mindful of the information they share and store using these apps. Workers also tend to be more cautious when they know their IT departments monitor the use of messaging apps, he says. "When [employees] have a clear understanding of the impacts these apps have on the entire organization, we've found that they are more careful."
Sign up for CIO Asia eNewsletters.