By Anurag Lal, President and CEO of Infinite Convergence.
Earlier this year, Facebook announced plans to consolidate the company’s three main messaging platforms – WhatsApp, Messenger, and Instagram – allowing for all-in-one, cross-platform messaging. In a statement to The New York Times when this news originally broke, the social network said that it wants to build the best messaging experience it can and that users want a “fast, simple, reliable and private” messaging experience. The key word in that statement – private.
Unfortunately, app providers have no shortage of issues surrounding privacy and security. According to a study from the Ponemon Institute, it takes 196 days for a company to identify a data breach, costing organizations up to 8 million dollars. Compare this to the time and money spent on proactive mobile security and the need for mobile security is clear. The tricky part is mobile security can become even more difficult when combining encrypted and unencrypted platforms into one.
While WhatsApp offers end-to-end encryption, Messenger and Instagram do not have the same level of security. Some crypto and security experts are skeptical that they’ll ever level up because ensuring the end-to-end encryption that WhatsApp offers across Messenger and Instagram could be difficult to implement and cost Facebook access to valuable customer data. For example, although WhatsApp and Messenger both use Signal encryption, their implementations are different – it’s WhatsApp’s default, where Messenger users have to opt-in. Additionally, if Instagram’s one billion users were given the option to secure some of their messages, Facebook might lose access to information about user interests, habits and locations – information that they currently share with advertisers. Facebook will likely roll in some of WhatsApp’s security elements into the new ecosystem, however, all three platforms will likely not see this level of security. As a result, consolidating with two less secure messaging platforms could possibly open WhatsApp up to threats.
WhatsApp and other mobile messaging platforms were partially made popular by the bring your own device (BYOD) policy that has become commonplace at many businesses. Along with the need for enhanced communication and collaboration on the go, mobile messaging platforms have revolutionized business communication. However, WhatsApp is primarily a consumer-grade communication tool, and not safe enough for business communication – although many employees still use consumer messaging apps to communicate business matters. Add in a potential consolidation with Messenger and Instagram, and it has potential to be a cybersecurity nightmare for businesses.
Knowing this, organizations need to ensure that they’re taking steps to ensure the security of sensitive and proprietary information. To start, organizations should implement device management programs if they haven’t already. This will allow administrators to configure employees’ devices so IT and security issues can be dealt with in an efficient manner. Additionally, enterprises that operate in the cloud will want to evaluate and enhance data security. Investing in a high-quality firewall, running tests on the system and ensuring that the cloud has a backup support system in place are all simple steps business leaders can take to ensure their company’s information is secure.
In some cases, mobile security might mean more than safeguarding the cloud and implementing a device management program. In heavily regulated industries like healthcare and finance, corporate software must meet specific guidelines from HIPPA or the SEC. In this scenario, business leaders may need to look at alternative platforms that both allow for enhanced messaging and collaboration, while adhering to industry compliance laws or regulations. NetSfere, a secure, enterprise-grade mobile messaging service, gives IT total control over employee messaging and meets regulatory requirements such as HIPAA, Sarbanes-Oxley, GDPR and more.
With WhatsApp giving up more of its independence to Facebook than originally intended when it was acquired, mobile security is more important than ever before. Enterprises need to take a step back and evaluate both their mobile messaging service choices and overall security strategy, paying specific attention to how employees communicate and collaborate when they’re not on a desktop. In the age of platform consolidation, either establishing or enhancing a mobile security plan is the best way enterprises can ensure their information stays safe while continuing to communicate efficiently.