Using popular foreign instant messengers for business purposes carries significant risks for the company and reduces its information security. Maxim Ruban, head of information security at the eXpress corporate communications and mobility platform, recommends minimizing these risks by finding a replacement for the public messenger among domestic products.
What are the risks of using public messengers in business
1. Data leak: Using public messengers means that your correspondence and files have already been leaked and are available to third parties without your knowledge. Those third parties can quietly use commercial or proprietary information for their own purposes in real time.
2. Lack of control: After dismissal, an employee can still use work correspondence, especially since foreign public messengers process and store correspondence and files outside the Russian Federation.
3. Lack of protection: Public messengers have no built-in functionality for combating phishing emails, and the company's information security staff cannot set up protection themselves. A user may unknowingly trigger vulnerabilities that give an attacker full access to a mobile device. The attacker is then free to decide what data to steal.
How to reduce the risk of incidents involving instant messengers
1. Implement a corporate product and provide employees with a convenient tool. Replace public messengers with a corporate messenger deployed on the company’s own servers (on-premises). Only this approach provides control over data and security, since all messages and files are stored encrypted on internal servers under your control.
2. Use federation (multi-circuit), in other words, create conditions for safe work with external public users. In this case, employees will be able to communicate with contractors and partners without loss of functionality and convenience.
3. Encrypt data both in storage and in transit, and use enterprise-class data protection tools. Solutions of this class provide multi-factor authentication mechanisms, flexible role-based models of access rights and the ability to remotely delete data.
4. Integrate the messenger with the company’s information security systems. Some products offer APIs and integration capabilities with existing security monitoring systems, authentication and account management systems, DLP, etc. This allows you to more effectively control the use of the messenger and respond to potential threats.
5. Use Russian certified software if you need to process restricted information. Messengers must have functions to protect information in accordance with the requirements of the FSTEC of Russia (for example, corresponding to the 4th level of trust). These certified instant messengers meet certain regulatory requirements and security standards. In addition, conducting regular security audits will help identify vulnerabilities and prepare recommendations for their elimination.