Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecuritySecurity Enterprise ServicesSecurity Leadership and ManagementSecurity & Business ResilienceCybersecurity News

7 Essential Security Factors to Consider When Choosing Your Enterprise’s Messaging Platform

Messaging platforms are changing the way information is shared in the workplace. But that shouldn’t come at the risk of data breaches.

By Praveen Kanyadi
digital workplace
December 17, 2019

You need to ask a colleague to check in on a task; what’s your most likely form of communication? Picking up the phone? Composing an email? Walking over to their desk?

If you’re like most enterprises, a messaging platform has become the primary channel for your intra-team communication. Platforms such as Slack and Microsoft Teams reportedly have 12 million and 13 million daily active users respectively. These platforms facilitate real-time collaboration between team members and, unlike email, a style of communication that is casual, brief and elicits immediate responses. In addition, these platforms allow users to share media, files and a variety of other content. They also enable employees to add external users, suppliers, contractors and customers to the network, thereby extending the reach of communication beyond the enterprise.

Essentially, the instantaneous and bi-directional communication experience of these platforms is fueling their growth and profoundly changing how information gets shared within the enterprise and beyond. Naturally, as with the adoption of any new workplace tool and anytime company information is being relayed, there is a downside to consider: the risk of security breaches. 

Here are some of the main security factors to consider when using enterprise messaging platforms.

1. Encryption 

Data encryption is a critical requirement to ensure that information is securely exchanged between parties and to prevent data leaks. Before choosing a messaging platform for your company, it’s important to ensure that it supports, at minimum, TLS 256-bit encryption. Also note that some platforms support encryption while transferring the data, while some take it a step further and extend this encryption to storage, as well. Be mindful of the extent of encryption your platform is capable of.

2. Role-Based Access

To prevent the unintentional or unauthorized sharing of confidential information, an organization’s chosen messaging platform needs to support role-based access. The platform’s functionality should allow for enterprise data to be available, or not, to employees based on their job function and role. Administrators should be able to regulate this access in a granular way, thereby having firm control of levels of clearance within their company.

3. Restricting File Actions

Administrators should also be able to restrict users, or certain users, from being able to download documents shared via the platform. Some platforms provide capabilities that allow users to view documents in read-only modes, disabling their sharing options. Users can also be restricted from taking screen captures to prevent sensitive information from being shared in that way.

4. Authentication

Like with most security protocols, a strong authentication mechanism is critical to safeguard unauthorized access. Biometric authentication along with two-factor authentication is far more secure than password-based authentication. In addition, this makes the login experience frictionless for employees who won’t have to worry about remembering passwords and can simply use their fingerprints, facial recognition, or the like to log in.

5. Logging

Logging throughout the life cycle of a message is a critical requirement to ensure that administrators are able to trace any incidents or security breaches by being able to identify the sender and the information that was exchanged. Enterprises must also implement single sign-on to make it easy to identify employees across their multiple systems. This has the added bonus of, once again, creating a frictionless user experience for employees, as well.

6. DLP Policies

A data loss prevention (DLP) policy should be implemented to restrict users from sharing sensitive or critical business information outside the organizational network. This requires setting up rules that help identify sensitive content and prevent users from sharing this information. A chosen messaging platform should allow for this sort of functionality. This policy should also be shared with employees upfront and in a clear manner.

7. Vulnerability Audit

Finally, an enterprise should ensure that their messaging platform provides reports of regular security audits. Platforms should perform frequent penetration testing for any vulnerability against risks defined by organizations such as OWASP and WASC. Their findings should then be readily accessible to their customers.

Looking Beyond the Desk-Based Workforce

While Slack and Teams have been popular with desk-based workers in the corporate workplace, traditional industries such as retail, manufacturing, hospitality and others have seen limited adoption of these platforms. This is primarily because these industries have a large non-desk workforce, and these platforms don’t offer the best experience for field-based workers who often use mobile as their main form of communication. So, a majority of these employees use public messaging apps for operational communication within their team, which includes sharing content and files. 

The major problem that arises when utilizing public messaging channels is that the enterprise essentially has no control over how information gets shared, thereby putting their organization at huge security risks. Instead, these organizations should look to safeguard their data by adopting communication platforms that have been specifically designed for the non-desk workforce and that offer the same enterprise controls and security features mentioned above.

Putting Security First

While the convenience and ease of messaging platforms can greatly aid in the efficiency of the workplace, these advantages shouldn’t come at the cost of security. It’s important for an enterprise to carefully consider all of the above factors when choosing a platform to adopt for their workplace.

KEYWORDS: authentication biometrics cyber security cybersecurity data breaches

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Praveen Kanyadi is VP of Product at Groupe.io/SpotCues.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Cybersecurity
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Security Leadership and Management
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Technologies & Solutions
    By: Charles Denyer
Subscribe For Free!
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

  • Duty of Care
    Sponsored byAMAROK

    Integrating Technology and Physical Security to Advance Duty of Care

Popular Stories

Pills spilled

More than 20,000 sensitive medical records exposed

Laptop in darkness

Verizon 2025 Data Breach Investigations Report shows rise in cyberattacks

Coding on screen

Research reveals mass scanning and exploitation campaigns

White post office truck

Department of Labor Sues USPS Over Texas Whistleblower Termination

Computer with binary code hovering nearby

Cyberattacks Targeting US Increased by 136%

2025 Security Benchmark banner

Events

May 22, 2025

Proactive Crisis Communication

Crisis doesn't wait for the right time - it strikes when least expected. Is your team prepared to communicate clearly and effectively when it matters most?

September 29, 2025

Global Security Exchange (GSX)

 

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • erp-freepik1170.jpg

    7 essential capabilities to consider when evaluating ERP security, risk and compliance solutions

    See More
  • Vulnerability and cybersecurity assessment solutions

    Choosing the right security assessment service for your enterprise

    See More
  • data intelligence

    Why modernizing your mainframe is essential for enterprise security

    See More
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing