No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Cybersecurity

Companies Are Cracking Down on Chat Apps, But It’s Still Too Hard to Find What They’re Looking For

Firms planning to shore up data protection should consider incremental, risk-based approach to evaluating legacy systems

by Stacey English
May 24, 2023
in Cybersecurity, Data Privacy
whats app signal gmail phone icons

A hybrid communication environment has become the norm for most companies, from the use of messaging apps to communication systems. And while companies (and regulators) are cracking down on inappropriate use of these tools, as Theta Lake’s Stacey English explores, finding the information they need remains a challenge for many companies.

Regardless of whether employees are working in an office, from home or a combination of both, they rely on modern communications tools to successfully do their jobs. These tools are efficient and effective but pose serious compliance and security risks to organizations when incorrectly used. Increasing amounts of personally identifiable information (PII) and personal health information (PHI) are being shared across platforms, and organizations are expected to be able to securely capture and retain, as well as retrieve and delete, this personal data. 

If organizations do not use communications tools that support data protection and compliance capabilities and serve their employees’ needs, they risk severe compliance and security consequences.

In our recent survey of over 500 compliance and security professionals spanning various sectors, including global financial services, healthcare, insurance and government, we saw that a crackdown on data protection and non-compliant communications is afoot. Business leaders are prioritizing solutions to combat hacks, leaks and improper external communications.

moby dick illustration
Cybersecurity

Whaling: When Business Leaders Become Cyber Weapons

by Aileen Allkins
May 24, 2023

The threat of cyber crime is nothing new for the average business. But new tools like AI mean fraudsters have access to even more sophisticated tools, enabling them to hyper-focus their attempts on high-value targets, including top executives and C-suite members.

Read more

Among the many threats against organization security and privacy, the survey found that files shared via chat are the greatest risk. This is largely because of the ease of sharing files of any size, which could contain confidential, sensitive or proprietary information. Following files shared via chat, the next two biggest threats to privacy and security are sharing links via chat or on-screen and risks associated with screen sharing.

While modern communications tools have benefited the workplace tremendously, they also provide plenty of opportunities for mistakes, breaches and data exposures to endanger an organization. As such, leadership must put safeguards in place to remain compliant and secure and possess the right tools to access data if needed.

Finding and extracting records and data is a critical component of compliance and security for any organization. In the event an organization finds itself in the crosshairs of an investigation or on the receiving end of a request for data, it needs to have the infrastructure in place to quickly locate and retrieve the required information. The compliance and security professionals interviewed in the survey reveal just how difficult a task this is for most organizations: 

  • 85% of all businesses in the survey report facing difficulties in retrieving information, with a majority stating the most difficult component being finding and extracting data.
  • 52% of respondents find it easy to retrieve emails but difficult to search and retrieve content with chat, whiteboards, video and other modern communications.
  • 33% need significant manual resources to search multiple systems and modes of communication.
  • Only 15% are confident that they could retrieve all types of communication with ease. 

Maintaining compliance and security should not be this difficult. To begin addressing these issues, organizations should evaluate legacy systems. There are a number of practical and incremental steps organizations can take to address any gaps in their current data protection coverage and capabilities:

  • Ensure security and privacy policies reflect the new working reality and are understood by staff. That includes training and guidance on data security, record-keeping requirements and acceptable use of channels. Spot checks, internal audits, reviews and updates of existing policies should be part of the mix. Ensure that accountability and tone from the top reflect the importance of data protection and compliance.
  • Undertake a risk assessment of all communications channels to determine potential gaps in data protection, record keeping, oversight or information security. Check that all new communications modes like in-meeting chat, video, mobile, WhatsApp, file links, images and more are not only captured but also searchable and retrievable. Ensure effective security settings are in place on your meeting platforms.
  •  Take an incremental, risk-based approach. Start with addressing capture, archiving and supervision gaps in areas where data protection and other risks are highest, such as SMS, WhatsApp and other consumer messaging apps under regulatory scrutiny.

As work practices evolve, compliance and security practices must, too. With employees working remotely, in-office and a combination of both, organizations must take precautions to ensure the unified communications tools critical for their jobs are compliant and secure. The risks to confidential and proprietary data are too great to ignore.


Tags: Cyber Risk
Previous Post

Just Add Water: Latest Cyber Threat Coming From Your Kitchen Tap?

Next Post

Regulatory and Economic Times Are Changing. Have You Re-evaluated Your Compliance Management System?

Stacey English

Stacey English

Stacey English is director of regulatory intelligence for Theta Lake, a collaboration compliance and security solutions provider. She has over 25 years’ experience in financial services regulation and technology as a former regulator for the now-FCA and as a risk and compliance practitioner in global banks and insurers. For more than a decade, she led regulatory intelligence for Thomson Reuters providing regulatory insight to financial services firms, including global industry research covering conduct, culture and the cost of compliance. She’s also a Chartered Certified accountant with the highest result worldwide, a published author on conduct and accountability in financial services and an honorary fellow of Cambridge Judge Business School providing expert guidance to the Cambridge Centre for Alternative Finance.

Related Posts

moby dick illustration

Whaling: When Business Leaders Become Cyber Weapons

by Aileen Allkins
May 24, 2023

The threat of cyber crime is nothing new for the average business. But new tools like AI mean fraudsters have...

social risk business

Social Selling Creates SEC Compliance, Security Demands for Financial Advisers

by Chris Lehman
May 10, 2023

Social selling gives financial advisers an effective way to connect with potential clients and build a rapport with them as...

chinese military exercise

China-Taiwan Conflict Threatens to Strain US Compliance Teams

by Mike Martinich-Sauter
April 26, 2023

Some observers expect tensions between China and Taiwan to result in war by 2025 — or sooner. As we learned...

rose colored glasses

Are You Wearing Rose-Colored Glasses — or Blinders? How Executives’ Views on Cyber Risk Can Affect Compliance

by Meghan Maneval
April 26, 2023

Changes to digital spaces in recent years have led to a sharp rise in IT risk for many organizations. With...

Next Post
improving compliance management systems

Regulatory and Economic Times Are Changing. Have You Re-evaluated Your Compliance Management System?

Compliance Job Interview Q&A

Jump to a Topic

AML Anti-Bribery Anti-Corruption Artificial Intelligence (AI) Automation Banking Board of Directors Board Risk Oversight Business Continuity Planning California Consumer Privacy Act (CCPA) Communications Management Corporate Culture COVID-19 Cryptocurrency Culture of Ethics Cybercrime Cyber Risk Data Analytics Data Breach Data Governance DOJ Download Due Diligence Enterprise Risk Management (ERM) ESG FCPA Enforcement Actions Financial Crime Financial Crimes Enforcement Network (FinCEN) GDPR HIPAA Know Your Customer (KYC) Machine Learning Monitoring RegTech Reputation Risk Risk Assessment Sanctions SEC Social Media Risk Supply Chain Technology Third Party Risk Management Tone at the Top Training Whistleblowing
No Result
View All Result

Privacy Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2022 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe

© 2022 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT