More than 70% of employees reporting that they are using messaging applications like WhatsApp, WeChat, Signal, LINE and Telegram to communicate with customers. As a result, an enterprise must have the ability to get clear visibility of the messaging conversations’ content.
Messaging applications offer a quick, low-barrier way of communication with customers. Especially in those customer-facing roles where relationship building is key. However, employees often use private, personal accounts for communication. So the conversations are not only invisible to the organization but as they are on unsecured devices they can pose a threat to organizations.
LeapXpert’s solution enables organizations to bring those conversations inside corporate walls. What is visible can be monitored and surveillance tools and processes can be appropriately applied. Without visibility organizations cannot have control of not only what information comes out of the organization but what information comes into the organization.
Messaging communication tools are increasingly being used in phishing, malware and other security attacks. Unsecured, they are an easy entry point for hackers to potentially access corporate tools and devices. In a recent phishing attack in the UK, employees received a messaging purporting to be from a former senior executive. A number of employees clicked on the link. In this scenario, while no damage was done, there could have been potential incursions into corporate systems.
LeapXpert’s FMOP includes many key security features – primarily designed at preventing the flow of information out of the organization – DLP, keyword dictionaries, guidelines on documents etc. IT teams have visibility of messages flowing into and out of the organization including the files and attachments.
For example, LeapXpert has a number of built-in enterprise security controls:
Data Leakage prevention functionality
LeapXpert’s DLP module enables the organization to set rules and in the case of a violation the module will block message processing or will reject message delivery. The basic rule logic is based on a set or rules that is defined through the use of regular expressions that match the content of the message the employee is attempting to send. The IT admin has the option through dictionaries to create policies whereby messages can be either blocked or annotated, i.e. a warning is sent to the employee. Audit events can be raised based on DLP rules violations for analysis.
Keywords, DLP, File Classifications
LeapXpert also uses a number of tools to enable organizations to ensure that messages may contain banned or forbidden words. Additionally for organizations that follow ISO27001 best practices, there are file classification practices which allow file metadata keywords. This allows an enterprise to control what documents and content can be shared externally, by whom based on department, by hierarchy, by confidentiality and other elements. Any breach reports can be either built-in or delegated as part of a security audit stream. Alerts can be sent to the user (employee) as well as the system administrators for analysis.
LeapXpert uses only official accounts. Enterprises and customers can be assured that they are dealing with official and authorized employees if they receive a message sent through the LeapXpert FMOP platform. Given the potential for phishing and malware through messaging applications (and indeed other channels) this gives all parties comfort knowing that the person that they are interacting with is the official business entity.
Antivirus and Antimalware functionality
LeapXpert has partnered with multiple vendors offering anti-virus and anti-malware capabilities. These partnerships allow our customers to choose the best solution for their business based on the necessary protection level and come with a variety of deployment options.
LeapXpert offers the following integrations in the security and surveillance space:
- Archiving solutions
- Single Sign On
- Mobile Device Management
- Anti-Malware and security
It is likely that as messaging application use for business conversations grows there will be increase requirements for surveillance for regulatory purposes. Indeed, the SEC announced in October a probe into digital channels including messaging applications. Ensuring that an organization has not only visibility of the messages sent but the appropriate tools for surveillance will be vital as more regulatory bodies require oversight specifically into these channels.
Ensuring that an organization has robust security tools to protect corporate devices and networks from malware and security incursions is important as messaging becomes a way of doing business.
Talk to one of our team to learn more about our security offerings.