Secure, compliant messaging is more than just encrypting the messages

Woe betide those who send an urgent business message via a non-compliant messaging service.

I recently signed up with Symphony, a secure business-class messaging service, and it's exactly what the enterprise needs.

My mind boggles when considering the number of messaging platforms and accounts that must be checked on a regular basis. I use these services regularly for a variety of social networking, group collaboration, and one-to-one messaging:

  • SMS texting with my mobile phone
  • iMessage on Apple
  • AIM (AOL Instant Messenger) account
  • Direct messaging through Twitter
  • Facebook Messenger
  • LinkedIn Messenger
  • Google+
  • Microsoft's Yammer
  • Microsoft's Skype
  • And probably others that aren't top-of-mind 

That's a lot of platforms that must be kept logged in, checked regularly, and maintained. Thank heavens for notifications, whether through email or pop-ups. That's only the beginning, though. It's critical to remember which workgroups and projects use which services – and which ones get the quickest response from collaborators. Some colleagues and friends have accounts on many of these services and others, but might be most active on LinkedIn Messenger, or only reply to SMS texts during the day, or prefer to use Facebook for personal correspondence and Google+ for professional engagement.

Woe betide those who send an urgent message via the wrong messaging service because they forget someone's preferences.

Whether you describe the above as social networks or collaboration services, there's one shortcoming that I've found in all of them – business-class trustworthiness. The only one of the above that offers enterprises real control is Microsoft's Yammer, in the sense that it allows a compliance officer to determine who can send and receive texts to whom and maintain the ability to audit for compliance.

Even Yammer's abilities, however, aren't really designed for today's business. While it's easy for corporate users to create groups within the business, it's not able to readily link with the outside world. As of mid-October, the ability to invite customers, partners and vendors into secure conversations governed by corporate compliance policies is still “coming soon.” Not only that, but let me be direct: Yammer is clunky and difficult to use, especially if you are a member of dozens of groups and conversations. It simply doesn't scale in an intuitive, elegant sort of way.

That's where I've been impressed with the Symphony messaging service, despite my exhibiting an annoying facial tic when recalling Symphony, an unrelated integrated desktop software suite for DOS launched by Lotus Development Corp. in 1984. (Oh, and don't forget the equally unrelated Lotus Symphony office productivity suite released by IBM in 2007 and sunset in 2012.)

The modern Symphony, launched in 2014, is a cloud-based social-media messaging service totally designed for enterprises, although individuals can sign up for free accounts as well. Those free personal accounts are easy to use and allow individuals to find each other and engage in group discussions that allow excellent content searching, hashtagging, and filtering. It's a delight to use through a browser, but of course, it only works when the browser is open. There's a Windows 7/8.x desktop application available; I wish the company would hurry up and release Mac, iPhone, and Android apps.

That's only the start, though, and free personal users won't realize the biggest benefits of the service. Large financial firms can take advantage of secure buy-side and sell-side messaging, where Symphony acts as the secure intermediary to let buyers and sellers communicate in a way that's fully auditable with both organization' audit and compliance policies.

Similarly, Symphony offers secure, compliant, policy-based messaging for enterprise and small/midsize business customers, using end-to-end encryption, message retention, two-factor authentication, usage reporting, and information barriers to prevent information leakages. The system even includes active warnings to users if messages appear to be out of compliance – and then can alert the compliance offers and give them the tools to intervene immediately.

We often talk about BYOD. We should be equally concerned about BYOM – that is, bring your own messaging platform. Who knows what types of official and unofficial business correspondence is being done via Facebook Messenger, Twitter direct messages, or even texts to personal phones? It's not good. While Symphony can't prevent employees from using those other platforms, of course, it does provide a secure alternative.

I'm not the only one who thinks so: In October 2015, Symphony raised more than US$100 million from a group of investors including Google – and that's on top of $66 million raised a year ago, in October 2014.

My biggest worry with all messaging services in the post-Snowden era is ensuring that data remains both secure and confidential. According to David Gurle, founder and CEO of Symphony, enterprise compliance officers hold all the crypto keys, and there are no back doors.

“Whether users interact using desktop or mobile (iOS), Symphony records all conversations so that compliance officers can export this information for inclusion in existing retention systems. Exports are decrypted locally on the customer premises and can be programmed to occur at regular intervals or can be Ad Hoc,” he wrote me, in response to my concerns about confidentiality.

Conducting business over Yammer seems safe, but it's ugly and clunky, and not designed for management by compliance officers. The other services — Facebook, LinkedIn, Skype — who knows? For enterprise-grade, policy-driven, compliant, secure corporate social-media-style messaging and collaboration, Symphony looks to be a winner. Or at least, it will be once Symphony builds out its list of native clients to go beyond browsers and older versions of Windows.

Copyright © 2015 IDG Communications, Inc.

The 10 most powerful companies in enterprise networking 2022