What is a public and in-house instant messenger?
First of all, it is important to explain what a public and in-house instant messenger is and what makes them different.
As a Public Instant Messenger (like Facebook Messenger, Telegram, and WhatsApp) we understand a freely accessible instant messenger that can be used by anyone worldwide. The usage is mostly free and has a broad user base.
An In-house Instant Messenger (such as Microsoft Skype for Business, IBM Sametime, Openfire) is only available to employees of the company. There is no transmission of the content data to an external provider and the control and administration of the communication server is managed by the company.
What about security and privacy?
Many messenger apps have responded since the NSA affair and focused on the encryption of the communication connection and content data. However, it must be distinguished which data is encrypted. For example, WhatsApp transfers data by transferring the entire directory to the provider. WhatsApp can not be used without fully agreement to the conditions. Other providers such as Threema are significantly more economical in accessing and transfer of personal data. For example, Threema can also be used without access to the address book.
A further security risk lies in the communication servers of the messenger service providers located in third countries. Data protection levels comparable to EU law are not available in third countries, and personal data transmission is therefore inadmissible.
Additionally, you should be aware that US providers and associated foreign subsidiaries are fully subject to the USA PATRIOT Act. Introduced in October 2001, the Anti-Terror Law allows US authorities and US courts to access telephone, email and Internet communications data from individuals worldwide.
Process business via public instant messenger?
Does this mean to avoid execution of business processes via public instant messengers?
No. It is important to get more information about the respective provider. For example, in which country the provider is located, where the communication servers are located and what information is collected by the provider.
It also depends on the business process with the associated data. Public instant messengers can be used, if the communication content does not contain personally identifiable and business sensitive information.
In-house instant messenger for business processes?
The operation of an in-house instant messenger infrastructure is the safest option in terms of data security and data protection, provided that there is regular maintenance (updates) by qualified personnel. Security can be further enhanced through the centralized management of access devices (smartphone and tablet via MDM).
The advantages of this option is that all business processes can be processed with the associated personal and business-sensitive data. This allows completely new business processes to be implemented via instant messaging and simplify existing processes.
Would you like to know more about the topic and how the Business Bot platform supports you? Learn more here.