The Problem with Instant Messaging Apps in the Enterprise

BBM

IM_messaging_Security

Will Instant Messaging (IM) be the next victim in the ongoing skirmish between enterprise IT and ‘consumerized’ users?

As of late last year, several big banks, including Deutsche Bank, Citigroup, Barclays and UBS were considering banning IM. The bans are “not a response to any ‘smoking gun’, but more to a growing alarm around mistaken or misinterpreted off-the-cuff trader comments,” banking sources claim.

Indeed, enterprises are increasingly concerned about IM being used as a channel for leaking sensitive data – but they’re also generally worried about keeping a handle on the ever-growing list of ways employees communicate on mobile devices. “The number of applications we are having to look at for responsive data for particular litigation issues is rapidly increasing,” explains Michael Weil, director of Deloitte Financial Advisory Services

He points to a recent Deloitte survey of nearly 1700 executives: only about half of respondents are confident their organizations can preserve mobile device data for litigation, regulatory, or investigation purposes.

Given challenges like these, it’s easy to understand why decision-makers are considering saying no, flat-out, to IM, but what impact will these choices have on productivity? It’s incalculable, really.

Shunning the Nerdy Newcomer

Why is IM under such scrutiny? It’s quick. It’s free. And in the case of mobile IM, it’s always right at your fingertips. So employees, across the organization, who believe they’ve got a duty to exchange information as quickly as possible with their colleagues (many of whom are also their friends), fire up all kinds of discussions over popular consumer IM apps.

“Meet me downstairs,” leads to “Why?”, and then “So we can review the Johnson project,” which prompts, “Oh, the $2.5M one or the partnership with GlobeCorps?” – and suddenly, you’re in hot water, divulging sensitive information in an unsecured channel and opening the company up to risks on several fronts. Trouble brews so fast.

After a few near-misses, the CIO mandates a fix, and next, an awkward, nerdy new kid shuffles into class, who nobody wants to talk with. That would be enterprise instant messaging. By all accounts, and in my own experience, enterprise IM has quite frankly been clunky and sub-par. So no one uses it. They ditch IM altogether, or more likely, they carry on using the prohibited app, if they can, until they get a slap on the wrist.

The other approach – banning IM altogether – is draconian, but easier to implement, at least ostensibly.

What BlackBerry is Doing about it

On June 23rd, we launched a new feature within BBM that’s specific to enterprises – BBM Protected – that’s designed to bridge the gap between what employees want from mobile IM and what security-conscious organizations need. So, in that sense, it’s a true crossover app.

BBM is used by 85 million people per month, and 85 percent of companies who have a BlackBerry Enterprise Server (BES) use BBM as a productivity app. If you’ve used it yourself, you know it’s fast and convenient. It was the first to let users know when their messages were delivered (D) and read (R) – and other apps have struggled to emulate that feature (among others) ever since.

CB_Messaging

Security_MDM_EMM

Business users have been taking advantage of BBM features like separating personal contacts from work contacts, video chats, file sharing, BBM Group chats, shared calendars, and lists – even more so since BBM went multiplatform late last year. But we knew we could do more.

BBM Protected is tailored specifically for the enterprise.

•    It’s the only secure mobile instant messaging app that uses a FIPS 140-2 validated cryptographic library, the same security standard used by the U.S. government.

•    For regulated businesses and security-conscious organizations, BBM Protected offers an enhanced security model for BBM messages sent between BlackBerry OS and/or BlackBerry 10 devices. Just around the corner, BBM Protected will work with iPhone, Android, and Windows Phones, too.

•    Corporate data is protected in-transit thanks to an additional layer of encryption on BBM, and follows the BES model, wherein your organization holds the encryption keys. BBM Protected chats are encrypted and protected end to end, which means that the message is only decrypted when it hits the recipient’s device. Nobody can intercept and read BBM Protected chats.

•    You add BBM Protected as an IT policy through the BES console, so it’s easy to roll out and manage. BBM Protected is a cloud service, so you don’t have the expense of additional servers, and you minimize the risk of potential downtime.

BBM Protected chats can happen between employees in other organizations as well, as long as both companies have enabled BBM Protected on their BES. And because it’s a BES service, IT departments can log and audit BBM Protected chats. This allows organizations in regulated industries to meet their compliance requirements while employees collaborate in a fast and fluid way. And finally, BBM Protected uses the same BBM app employees already use and love, so they can still chat with family and friends who aren’t BBM Protected users, without having to switch to a separate app.

The key to developing effective crossover apps is to find the balance between functionality (for users) and security (for IT departments). If an app fails to offer a brilliant user experience, or is too restrictive, employees will work around it. But with BBM Protected, enterprises get gold-standard security and employees get to keep the BBM features that millions love to use.

About Thad White

Thad is Senior Director of Enterprise Value Added Services for BlackBerry. He has 20 years of experience building and managing software products across consumer and enterprise markets.

Join the conversation

Show comments Hide comments
+ -
blog comments powered by Disqus