IT Compliance Is Everyone's ConcernBy Samuel Greengard | Posted 2016-06-24 Email Print
Re-Thinking HR: What Every CIO Needs to Know About Tomorrow's Workforce
Without robust policies and rules, along with software and IT systems to support them, a company will likely have to cope with compliance gaps and breakdowns.
The explosion of communication and collaboration channels—along with a growing number of computing devices—has introduced huge challenges for organizations. Without robust policies and rules, along with the software and IT systems to support them, an organization will likely find itself coping with compliance gaps and breakdowns, which, in turn, unleash security risks and regulatory enforcement penalties.
A new study conducted by compliance and e-discovery solutions provider Smarsh, "2016 Electronic Communications Compliance Survey Report," offers some interesting insights into this space. It found that compliance professionals are struggling to keep pace with new communications channels that span personal devices and social media accounts.
Survey respondents cited increased scrutiny and enforcement by regulators as the number-one concern related to electronic message compliance. This isn't shocking, since 42 percent of survey respondents reported that their records were examined in the past 12 months, up from 27 percent in the 2015 survey.
But the concerns didn't stop there. Other key issues included balancing employee privacy considerations with oversight obligations; managing new communications channels (social media and text messaging, for example); cyber-security threats to electronic messaging platforms; and having insufficient staff to do the job.
Among the key findings:
- 68 percent of companies that allow text messages for business communication do not have archiving and supervision solutions in place.
- 46 percent of firms that allow LinkedIn for business communications do not have archiving and supervision solutions in place.
- 44 percent of companies that allow Facebook for business communications do not have archiving and supervision solutions in place.
- 29 percent of firms that allow Twitter for business communications do not have archiving and supervision solutions in place.
Today, organizations and compliance professionals must manage all types of business communications: text messages, LinkedIn, Instagram, Facebook, Twitter, corporate IM, public IM, blogs, wikis, email and more. In many cases, these messages and social media posts reside on personal devices and in personal accounts. All of this is driving fundamental changes in compliance, as well as in business and IT.
According to Smarsh CEO Stephen Marsh, "Firms are looking to market themselves in new and innovative ways, and this creates more oversight work for compliance teams." He says that organizations must rethink the traditional approach to electronic communications supervision. "The current linear approach of layering new content types on top of legacy supervision policies and processes initially designed for email is inefficient and ineffective," he says.