In a move aimed at strengthening security and compliance, the US Securities and Exchange Commission (SEC) has announced a ban on third-party messaging apps and text messages on corporate devices. The measure, which came into effect in September 2023 with the removal of apps, extends to text messages.
Objective of the change
U.S. SEC pointed out that the initiative is designed to reduce risk by blocking access to applications on agency-controlled devices, where vulnerabilities and record-keeping challenges can arise. Following the initial removal in September, the new ban includes text messaging from March 2024. The U.S. SEC’s new implementations are being carried out with technological controls, policy updates and employee training.
Factors to take into account
Large organizations face the challenge of keeping their technology up to date without compromising security or compliance, financial service organizations are also struggling to protect their data from intrusion.
The U.S. SEC’s decision calls for a careful analysis of the benefits and risks of using unapproved communications tools, such as:
- Productivity and efficiency: Evaluate whether unofficial tools increase productivity, communication, and collaboration between employees.
- Risk management: Implement controls and policies to capture and preserve historical records, reducing data security and privacy risks.
- Monitoring: Monitor the use of devices and applications to ensure policy compliance and identify potential violations.
While the U.S. SEC’s ban is an important step, the challenge of communicating outside of official company channels, such as emails, meetings, and phone calls, is dynamic and constantly evolving. The emergence of new tools such as WhatsApp Business and iMessage requires adaptation and monitoring to ensure compliance and security.
Security and Compliance are the future
U.S. SEC’s ban can become an example for the industry, demonstrating proactive measures in the internal application of the policy. The agency is sharing its practices and experiences to help other companies navigate this new global scenario.
U.S. SEC’s ban on third-party messaging and SMS on corporate devices has raised important questions about security, productivity and compliance. It is up to organizations to strike a balance by implementing appropriate controls and monitoring device use to ensure confidential information is protected and compliance is maintained.
As regulations and monitoring increase in the business world, it is essential to have a solution that provides complete visibility to ensure the security of messaging applications. This allows organizations to evaluate risks based on the context of their communication channels.
With tuvis security and compliance solution, you maintain complete control over your company data. To find out more, click here to book a free demo.