· News

Employees unaware of messaging app security risks

A third (33%) of employees have sent customer information via new communication platforms, suggesting a lack of awareness of security risks, research finds

Symphony's Workplace Confidential survey, of 780 employees in the UK, looked into the growth of collaboration tools (such as messaging apps) in the workplace.

It found that 25% of employees said they have shared personnel information such as HR and pay details on these platforms, while 21% have used them to send company financial information.

Despite almost all (94%) saying they are confident that information shared via these platforms is safe, almost a quarter (24%) were not aware of their employer’s IT security guidelines.

The research warned that employees seem to lack knowledge of data and security, as many of these applications are not protected with end-to-end encryption, yet workers are using them for sensitive data.

Employees were also found to use these platforms inappropriately. Twenty-nine per cent admitted to talking badly about a client or customer, 19% had shared a password, and 15% had given out credit card details over these platforms.

When asked which workplace channels make them feel most overwhelmed at work, 69% of UK employees cited email, compared to just 11% for collaboration platforms.

In a bid to cut down on email overload UK employees identified several workplace tasks they would prefer to be moved onto a workplace collaboration platform, with the most popular being scheduling meetings (50%), followed by internal team conversations (43%) and internal team actions (36%).

The research also found that employees believe these apps aid productivity. Almost half (47%) of respondents said these tools make them more productive, while just 6% said messaging apps were more harmful for productivity.

Almost eight in 10 (79%) also believe these tools make it easier to work remotely. While this is a positive move in powering the modern workforce it presents security challenges, researchers said, as 10% admitted to using a publicly-available computer.

Chief experience officer at Symphony Jonathan Christensen noted that while these apps can make communication in teams easier, they also carry a greater security risk than traditional tools: “The way we work is changing. Collaboration platforms and other innovations bring positive improvements that enable more flexibility and better work/life balance,” he said.

“But a more casual approach to workplace communications, and digital habits in general, presents major security risks. Employees won’t keep secure practices on their own, and employers must consider how they will secure workforce communication over messaging and collaboration tools, just like they did with email.”

Employers should look into implementing security to avoid data leaks, he added: “The flow of conversation in collaboration apps can be powerful for building team cohesion and productivity, but managers have to ensure that the ability to have casual conversations does not lead to the casual handling of sensitive information. Having the ability to securely deploy appropriate monitoring and surveillance tools to ensure that data leaks are prevented (as has been done with email and telephone systems) is critical, particularly for regulated environments.”

The Symphony research comes as a separate report from Hiscox found that the proportion of UK firms reporting a cyber-attack has risen dramatically. It found that 55% had faced an attack in 2019, up from 40% last year.

But the percentage of firms scoring top marks on cyber security had fallen, the Hiscox research found, with UK organisations faring particularly badly. The research surveyed more than 5,400 small, medium and large businesses across seven countries, including the UK, Germany, the US, Belgium, France, the Netherlands and Spain.