Office communication has come a long way since the days of sticking memos and public notices to the corkboard. In fact, while you’re reading this article, your colleagues are probably pinging each other on one (or more) of the latest internal communication apps. These messaging apps, after all, can bring a host of benefits to the workplace. Thanks to instant, seamless communications, users can now easily:
- Update stakeholders on a project’s status
- Prevent miscommunications
- Communicate with direct reports in a more casual manner
- Keep everyone up to date in the event of a crisis
- Improve transparency
- Provide open feedback in a way that fosters engagement
Unfortunately, there’s no such thing as a free lunch when it comes to technology—at least not for the IT pros held responsible for network security. The increased ease with which, say, the CFO can send projected revenue figures to the CEO or one frontline staffer can vent to another about the painful customer they just dealt with means there’s now a vast amount of sensitive material you absolutely need to protect floating around in cyberspace.
Take it from Karl and Peter Stefanovic, who learned the hard way about what happens when off-the-record chats about work matters escape into the public domain—the results can range from tragicomic to career-ending. To prevent your company’s top-secret product plans from becoming public tender on the dark web, consider the following five tips for super-secure internal communication.
1. Vet any communication tool your organisation is considering
You need to know exactly what devices the tool(s) will be used on and who all the third-party vendors are. Well-established software created by heavy hitters are more likely to be dependable compared to obscure messaging apps hijacked by the cool kids. Whether it’s internal communication tools or any other software or hardware, it’s always worth opting for a product that comes with impressive security features built in from the outset.
2. Find a host you can trust
If you have an on-premise server, you should look into keeping it secure with visitation logs, access control lists, software security, and hardware firewalls. Put it behind a locked door monitored by CCTV, and don’t forget to isolate the intranet from external internet access. If your organisation has an externally hosted intranet, it should be located at redundant sites to prevent any single point of failure. You’ll also want to go with a facility that has SSAE 16 certification.
3. Apply the 21st-century version of the “front page” test
The traditional idea behind this test was that organisations should avoid doing anything they wouldn’t like to see plastered on the front page of the papers. Today, think in terms of not putting anything in digital writing that you’d be embarrassed to see pop up in the trending column on the most popular social media news feed.
4. Remember: Nothing is secure on the web
As demonstrated by recent incidences, like Cambridge Analytica’s data manipulation case, nothing put on the internet is ever totally secure. When it comes to intellectual property, it should be discussed online as little as possible and only on the most secure tools. While this may seem obvious to you as an IT pro, don’t assume others working in your organisation understand how easily things can go pear-shaped—especially if your colleagues use the same equipment and communication tools for both work and personal purposes.
5. Make end-to-end encryption your friend
- Is there a way of verifying the person you’re messaging is actually the right person?
- Can you trust the third-party host?
- Is your company’s data protected from being viewed by the host company’s staff?
- If something goes awry with the private key encryption, are old messages still secure?
- Is there an overarching internal communication strategy for your organisation?
- If so, does it stress the importance of using end-to-end encryption wherever feasible?
Collaboration is increasingly important in the modern workplace, and digital natives make up an increasing proportion of the workforce. Naturally, internal communication tools will continue to multiply and evolve. Accordingly, you and your IT department will need to remain eternally vigilant about the cybersecurity threats these tools pose and make sure your business is secure every step of the way forward.