WhatsApp, Facebook and Lies

Protecting sensitive business data while encouraging workplace communication and collaboration shouldn’t be a balancing act. It is.

With hackers eying your data, WhatsApp and other messaging apps aiming to monetize it, and regulators constantly looking over your shoulder to see if you misuse it, it’s tempting to unplug the ethernet cord, turn off the WiFi, and set your corporate firewall to intranet only. You can’t. Your employees would revolt. Then, they’d whip out their cell phones, download the very shadow IT apps you wanted to avoid, and continue work as usual.

Here’s a better approach. Find messaging and collaboration software that offers the same capabilities as your employees favorite messaging apps with the enterprise features your company needs.

Before we start comparing possible solutions, let’s examine the key differences between messaging and encrypted messaging, collaboration solutions.

A messaging app focuses primarily on communication. Think phone calls, texts, and messaging. Whether the app allows many to many, many to one, or one to one communication, it’s all about people sharing information in real-time.

Collaboration is everything you need for group work. File sharing, document management, shared contact lists, and group calendars are all essential collaboration tools.

Learn how to elevate the productivity of your enterprise through secure collaboration.

Enterprise solutions often take this a step further by combining messaging and collaboration functions into a single app. By using one app, instead of multiple apps, this makes work easier because it removes a communication barrier within the workgroup. Fewer barriers means greater communication and collaboration.

How our consumer messaging apps—WhatsApp, Slack, Skype for Business, and Signal—stack up against our enterprise collaboration apps—Threema, Silent Circle, Wickr, Wire, and RealTyme?

Here are our workplace collaboration and messaging criteria. Let’s find out how we compare.

1. Complies with Data Protection Regulations (e.g., GDPR)

What do the EU, Switzerland, and Japan all have in common? They all adopted strict compliance with data protection regimes, starting with the EU’s General Data Protection Regulations. Canada, South Korea, and multiple provinces and states are following in their footsteps. As these regulations tighten and fines increase, data protection and privacy regulation compliance protects your bottom line.

Who complies?

2. Uses Independent Audits

Your greatest vulnerability is the one you don’t know about. Independent audits help you ensure that your new communication and collaboration platform doesn’t create new security holes. The internal audit should verify the following:

  • The application provider uses internal security policies informed by industry-leading practices, including ISO 27001.
  • The application passes a zero-default application penetration test.
  • The application provider’s security team is highly qualified and adheres to security guidelines like NIST-800 171.

3. Provides High-End Encryption

According to ENISA, encrypting data in transit is not enough.

What if a burglar steals your CEO’s phone? How do you protect the data on that stolen phone, the data in your system, and prevent the thief from sending everyone in your company a link to his scam donation page?

To prevent this, you need:

  • ID management,
  • public key infrastructure, and
  • multi-factor authentication.

After you’ve blocked the thief’s access to your communication and collaboration app, he sells the phone to a hacker friend. The question becomes what’s encrypted and how strong is it.

Your chosen encrypted messenger solution should include:

  • end-to-end encryption,
  • at rest encryption,
  • in transit encryption,
  • remote wipe functionality and,
  • encryption sets based on well-known and academically accepted algorithms like ECDSA, ECDH, SHA2/3, and AES-256/CCM/GCM.

Depending on your industry’s regulations and organization requirements, you may require a national or custom cryptographic set.

Did you notice the trend? Consumer messaging applications, including Skype, Slack, and WhatsApp, do not offer the sophisticated security enterprises demand because private individuals are their target customers, not enterprises. Their “enterprise” offerings, such as Skype for Business, are intended for small business owners with only a few employees with little to no sensitive private data.

4. Integrates with Existing Systems

Although individuals can archive WhatsApp messages, your organization can’t. For an organization, that’s a fatal flaw. Your communications data is a crucial part of your organization’s memory.

Six months ago, your budget team completed their annual review. Before they begin this year’s review, their boss requests a post-more focused on a communication breakdown they experienced. Without data, all you have is employee interviews that all point the finger at someone else.

What systems should your solution integrate with?

  • Data retention
  • Daily workflows
  • System archiving
  • Partner applications, including your expensive MDM suite.

Which applications will integrate with your existing systems?

5. Includes Central Management

Will your management buy-in to a platform they can’t control? Do you want them calling IT every time they add someone to their team? What if you let them build their teams and monitor communications and information access within those team via analytics while IT handles the infrastructure and security? In this scenario, IT also retains the ability to monitor the system and add and remove employees. IT still has total control, but it doesn’t feel that way.

This is what central management with an enterprise management console, also known as a dashboard, and application and content revocation does.

Even though central management makes life easier for your IT department, it also creates buy-in among your senior staff. Without their support, your employees will not universally adopt any communication and collaboration platform.

Which platforms offer central management?

6. Allows Customization

It doesn’t matter how secure your chosen communication and collaboration app is if no one uses it.

A customizable, white-labelled, UI lets your management create their own branding. This gives them ownership of the product and generates buy-in at the highest levels. Your managers become advocates. By promoting “their” platform, they create brand recognition with your employees. The more recognizable your platform is and the more your employees associate it with your company instead of an app provider the better your adoption rates.

Customization makes your employees want to use your approved platform.

Depending on your organization’s culture, customizing the UI may not be enough. When you start reaching out to companies about their security protocols and setting up demos, ask them if they’ll customize their training modules and help you integrate the communication and collaboration suite with your onboarding process. At RealTyme, we do this all the time. Most of our enterprise competitors offer this, as well. Just ask!

7. Company Jurisdiction Affords Additional Privacy Protection

Your communication and collaboration app’s jurisdiction is not necessarily your company’s jurisdiction. For example, a Brazilian company contracts with a Swiss app provider and opts to use their Swiss servers instead of self-hosting. Switzerland has jurisdiction over the data residing on Swiss servers, not Brazil. In practice, this means the Brazilian company benefits from Switzerland’s stricter privacy and data protection laws.

Switzerland and the EU enshrined their protections in law. Companies operating within their boundaries must adhere to these laws. A US company, on the other hand, is legally obligated to turn over information when demanded authorities. Instead of legally mandated privacy protections, these companies are often certified under the Privacy Shield Framework. (If they’re not, don’t buy their product!) Although the EC deems this framework adequate for GDPR purposes, compliance is voluntary and self-certified. If the company claims they comply, the framework considers them in compliance.

If you’re eying a hosted solution, pay close attention to the app company’s home country.

Where are these applications based?

8. Features

Although we’ve discussed platform management and buy-in, one key question remains. Which communication and collaboration channels do your employees use now? Which additional channels do they need? What other features might benefit your company?

Communication

Do your employees text each at other work? If they do, your platform needs SMS.

How many WhatsApp requests does your IT shop receive in a month? If you answered none, are your employees bypassing IT and installing it themselves. Either way, add instant messaging to your wish list.

One-to-one calls, conference calls, and individual and group secure video conferencing calls are all corporate staples. You need them.

PBX integration lets your employees carry their desk phone in their pocket and stops them from using their personal phone number for business purposes. It also lets them return phone calls when they’re at a conference or waiting for the elevator. If you still need buy-in, sell PBX integration’s convenience.

Check with your legal department about auto message destruction. Even if your IT policies don’t demand this, it’s necessary for some industries.

Collaboration

Emailed files are version control nightmares. Even with the best naming system, you never know if you’re working with the latest version or if John forgot to tell you that he added six pages. Shared drives suffer similar drawbacks. Efficient collaboration requires true file sharing, preferably with version control.

File sharing means everyone works on the right file.

In-app note taking and a centrally managed contact list will also make your employees lives easier while improving collaboration. A centrally managed contact list ends arguments about not having the correct phone number or email address before they begin.

All files, communications, and contacts must be secure. This is not negotiable.

Which secure communications and collaborations channels does each platform offer?

9. Offers Deployment Options

In-house deployment on your existing infrastructure will always offer you more control than cloud deployment. However, opting for cloud deployment offers a quicker startup. Our average cloud deployment time is about 15 minutes start to finish. However, custom cryptographic sets and some server analytics are only available if you deploy in-house.

On-premise deployment is not as popular among communication and collaboration application providers as cloud deployment. Our experts will walk you through the pros and cons of each deployment option and help you make the best choice for your organization and its regulatory environment.

How Do We Compare With Our Competition

As a Swiss-based company, we operate under some of the world’s strictest privacy and data protection standards. Our products carry the distinguished Swiss Made certification, a globally renowned standard for product quality. RealTyme is solely financed by independent investors.

We believe our comprehensive feature set and industry-leading security offers the greatest flexibility and value.

Try RealTyme Today

You may also like