Ever since the dawn of the smartphone (and perhaps even before), companies have had to wrestle with employees’ use of consumer apps at work.
From Facebook messenger to Dropbox and everything in between, it can be challenging for employers to navigate this landscape. Non-approved consumer apps–often referred to under the umbrella of “shadow IT”–can indeed help make workers more productive, but they also present unique security challenges from an IT perspective.
A recent Computer World article cites WhatsApp as chief among apps that enterprise IT departments around the world are trying their best to manage. The WhatsApp dilemma is, in many ways, a proxy for the consumer app “problem” in the workplace.
As Computer World notes, a recent CCS Insight study found that WhatsApp–owned by Facebook–is now the most widely-used app in the workplace. This probably isn’t surprising to anyone who’s familiar with the messaging app, but it does present unique challenges.
For one, “consumer apps lack central management capabilities such as the ability to add and remove participants from a group,” says Computer World. In the case of WhatsApp, it’s also unclear who could have access to messages, and can be much more difficult to “keep an eye on” than other apps designed specifically for enterprise use. Whether employees choose to use apps like WhatsApp because the enterprise offerings are less convenient, or because they’re actively looking to skirt the rules, the key issue remains that it’s not always possible to properly manage apps not specifically designed for use in the enterprise.
Companies have a few options with regards to managing apps like WhatsApp. Some companies reluctantly allow their use in the workplace. Others ban such apps entirely. Others still do their best through a curated app store to offer intuitive, user-friendly alternatives in hopes that employees will flock to them instead. Clearly, the best solution will depend on how your employees work and what your security needs are. The key takeaway here is that these apps aren’t going away, and it’s in your best interest as an IT leader not to ignore them.
From our perspective, there are three things you ought to be thinking about with regards to consumer apps in the workplace.
The first is your MAM, MDM, or EMM solution. You should have a curated app store where your in-house apps, along with any public apps you’d like employees to use, are centrally located. In our experience, ease of access (and a strong selection of public apps you’ve vetted) cuts down on shadow app usage.
The second is to thoroughly vet the public apps you put in your curated app store. As Computer World‘s article shows, even popular consumer apps like WhatsApp are not without their issues. Being acutely aware of possible security vulnerabilities in the apps you want your employees to use is essential. Thoroughly vetting apps isn’t a full-on guarantee you won’t have issues, but it will go a long way towards mitigating enterprise risk.
The third and final thing you should be thinking about is monitoring your shadow IT usage to the best of your abilities, even if you have a comprehensive management solution in place. This isn’t always easy, but regularly surveying employees about the apps they use, and pain points surrounding the apps you intentionally give them access to, is essential. In most workplaces, it’s nearly impossible to eliminate shadow IT usage entirely, so keeping an ear to the ground is another important factor in risk management.
Like it or not, consumer apps like WhatsApp are seeing increased usage within the enterprise. Your ability to manage the risks associated with these apps will depend on your app management solution, your ability to vet the apps your employees use, and your monitoring of shadow IT usage at your company. The key here is that ignoring the problem won’t make it go away. Doing your due diligence will go a long way towards ensuring your employees have a great user experience, and mitigating the risks to your company along the way.