The rapidly increasing use of chat in modern work-from-anywhere workplaces has exposed new compliance, privacy, and security risks. Not least the need to comply with regulatory obligations for retention, supervision, privacy and security mandated by regulators worldwide.

THE UNIQUE CHALLENGES

Chat platforms operate differently to other communications like email. There aren’t limitations on content type or size and they can support text, audio files, links, images, gifs, emojis and reactions. Their shareable nature makes it easy for files, links, or screenshots to be sent internally and externally. And because chat is persistent, these remain accessible long after conversations have ended, regardless of the sensitivity or confidential the information.

Supervision of chat is therefore critical to detect compliance and security risks from misconduct through to data leakage. But reconstructing ongoing and fluid conversations spanning multiple days and participants, and capturing the full content as well as context of conversations that may include emojis, reactions and gifs, presents complex compliance challenges. Issues that neither legacy email archives nor cloud access security brokers (CASBs) can manage, creating both increased risks of non-compliance and costs of compliance for firms.

This inability to adequately retain and supervise chat has led to firms disabling valuable features in their chat platforms, preventing them from meeting users' needs and realizing productivity gains from investments in the likes of Cisco Webex Teams, Microsoft Teams, RingCentral Glip, Slack, Zoom Chat and other modern chat platforms.

Key areas where email archives and CASBs struggle to support firms with modern chat include:

1. Not all chat components are captured and archived
Missing newer content types and related context, such as emojis, reactions, gifs, images, video files, audio files and whiteboard, or channels such as one-one chats makes effective supervision impossible.

2. Message threading for email archives misses content and breaks search
Treating chats as emails can mean that content is not put in the proper order or context leading to inaccuracies in analysis.

3. Content is not analyzed or is analyzed incorrectly
They struggle to provide analysis of modern content types such as emojis, images, gifs and videos or analyze them in the context of a conversation. Even where a file share is captured such as via a SharePoint link in Microsoft Teams, the file content is unlikely to be analyzed.

4. Search-dependent lexicons and ‘bolt-on’ analytics introduce search and detection latency, and unreasonable implementation and service costs
Legacy archives weren’t built with supervision in mind. Basic key word searches, complex and unwieldy lexicon approaches through to bespoke compliance analytics fails to meet the needs of instantaneous search designed for modern and unstructured content.

5. Archives have no ability to remediate exposed risks
The inability to remediate or remove content inside persistent and ongoing chat channels prevents organizations from taking action to stop content being shared or exposed further.

6. Legacy archives have prohibitive storage costs
Legacy on-premises archives and hosted, private cloud archives have expensive storage models exacerbated by the exponentially increasing amount of storage required for rapidly rising volumes of modern chat and the files and media included in them.

7. Archives lack a privacy-friendly model for redacting stored sensitive data
Data privacy regulations create unique storage and handling issues that legacy archives haven’t been designed for. The majority provide no ability to redact personal or confidential information so that it cannot be viewed further.

8. Lack of a modern review workspace drives inefficiency and costs
Without a workspace to navigate and review communications the burden falls to reviewers to manually piece together conversations without complete content and with misalignments in timeline and participants.

Theta Lake’s white paper explains the steps needed to close existing compliance and security gaps. Find out how Theta Lake’s purpose-built solution helps organizations solve the challenges of today’s modern chat platforms: