Prevent shadow IT: Companies need security covering multiple communication vectors

There is a critical need for companies to adopt comprehensive and secure enterprise communications platforms to prevent shadow IT. It is a phenomenon where employees, to compensate for the lack of a comprehensive suite of communication tools within their company, leverage unauthorised external applications for business purposes, creating multiple challenges for companies.

Apart from being highly vulnerable to data breaches, these applications also compromise a company’s data/information confidentiality and sovereignty and, in some cases, could even be in violation of data privacy regulations.

New analysis by Frost & Sullivan, “The Case for Secure Communications Platforms,” finds that many enterprises follow a bring-your-own-device (BYOD) model for their business operations. This trend, paralleled by more business processes getting digitised, has placed companies at greater risk of catastrophic data breaches. Therefore, a holistic approach that provides dedicated security across multiple communication vectors is an immediate requirement for enterprises.

“Shadow IT and its associated risks make a strong case for adopting a secure communications platform that uses top-tier encryption to protect text messaging, instant messaging, voice calls, video calls, conferencing, file sharing, and collaboration tools,” explains Jason Reed, Senior Industry Analyst – Cybersecurity, Frost & Sullivan. “Vendors in the secure communication platform space offer ‘white label’ solutions that provide strong integration into existing company IT; these solutions can reduce or eliminate the temptation for employees to deploy shadow IT, while increasing productivity.”

One of the key problems posed by the use of public communication applications for company-related functions is that it opens up the possibility of the data being monetised by the application provider. In other words, it completely undermines a company’s efforts to ensure data confidentiality.

Another challenge relates to the use of shadow IT in highly regulated industries, like financial services and healthcare. Here, companies may end up contravening data security regulations, thereby inviting fines, censure, loss of business or even revocation of licenses.

“Moreover, when the public communication application providers’ servers are located outside an enterprise’s geographic region, then there might be concerns about divergent data privacy laws,” adds Reed. “In contrast, secure communication solutions offer on-premise deployment that allows enterprises to own and house their data directly on-site, thereby circumventing many of the problems surrounding data sovereignty.”

Another major benefit of secure enterprise communications platforms is customisation. This enables companies to achieve complete regulatory adherence. In addition, the provision of uniform and scalable solutions help secure communications— from C-Suite executives dealing with confidential business transactions to lower-level employees handling sensitive information—across the enterprise.