Theta Lake has published its fourth annual survey report on modern communications compliance and security, highlighting the complex challenges faced by those tasked with maintaining compliance, security and data privacy. The report is based on the views and experiences of more than 500 compliance and security professionals from the heavily-regulated financial services, healthcare and government sectors across the U.S., the U.K. and Canada. It provides a snapshot of how communication platforms are being used and the issues organizations are struggling with, enabling them to benchmark their own practices and expectations against the wider industry, identifying any gaps or areas of exposure they may have.
With a series of enforcement actions totaling about $1 billion in fines from the five biggest US investment banks, the SEC has made it clear there will be significant financial consequences if firms don’t start policing the use of communications channels, specifically the increasing use of SMS text and messaging apps, like WhatsApp, in their workforce.The seismic shift towards heavier enforcement comes after a warning was issued last October by the SEC that firms "need to be actively thinking about and addressing the many compliance issues raised by the increased use of personal devices, new communications channels, and other technological developments like ephemeral apps."
Clearly regulatory bodies have served notice - and the race is on to not only comply, but balance productivity gains with increasing regulatory scrutiny. How can firms avoid the worst case scenario of fines and sanctions (and resultant bad PR) while also not disrupting their mobile workforce and lastly, minimize complexity in their mobile/IT infrastructure?
IT: Caught in the middle between business and compliance requirements
Recent regulatory enforcement efforts describe only part of the story when looking at the current state of governance and the hybrid workplace. Two years after the start of the COVID-19 pandemic, it's clear that “work from anywhere” is here to stay for the foreseeable future. Like many industries, financial services firms have been looking at ways to more effectively engage and support their clients on their preferred channels, which includes SMS and WhatsApp. The real-time communication has enabled increased productivity and richer interactions but has come at a cost. Those firms are now grappling with how to provide WhatsApp, and related services, but in a controlled manner and balanced with a strong focus on compliance, security and corporate IT standards. Users have also made it clear that they will alternate the personal use of technology with their work efforts. The days of carrying two different mobile devices, like cowboys with two holsters, are in the rearview mirror.
Legacy approaches to supporting sanctioned WhatsApp usage do not fit the current hybrid workplace. Tools that can’t capture the full spectrum of WhatsApp services – WhatsApp Voice, SMS and Mobile Voice, while also protecting the fidelity and context of the conversation for compliance purposes, can add more complexity, and another set of challenges to the ones firms are already facing today. For mobile communications compliance, the challenge is having a comprehensive capture solution for all employees’ mobile and modern communication platforms and archiving them in one central location. This solution also needs to be able to be deployed across all users effectively and efficiently at an administration level, while ensuring personal communications are separated from business communications.
The need for mobile productivity with integrated compliance and security are not oppositional- and shouldn’t require making tradeoffs. It's clear that we can’t ask users to retreat and sacrifice productivity gains that will put the organization at a competitive disadvantage.
Introducing our partnership with Movius