26 Nov 2017
Blog » Secure WhatsApp Alternative for Enterprises and the Public Sector
Currently many large enterprises, small and medium businesses as well as the public sector look for a secure WhatsApp alternative (e.g. Teamwire) for their organization. In the following we want to give an overview why this is an important problem to solve, and what features a messaging app requires to serve as a secure WhatsApp alternative for enterprises.
The Transition from Email to Messaging and the Need for a Secure WhatsApp Alternative
Currently enterprises primarily communicate via the email. Employees get often hundreds of emails per day and the resulting email overload is a typical challenge to manage. Therefore the email is not the most efficient channel to exchange information nowadays.
In the consumer space a transition away from email towards messaging has occurred already. No one writes emails anymore. Every consumer is using messaging apps like WhatsApp because the communication is easier, instant, more efficient and less formal.
Since email responses of colleagues often take too long, employees write WhatsApp messages to accelerate the communication. In many cases employees even have set up group chats in WhatsApp for teams, projects and important topics. The result for an enterprise is broad usage of WhatsApp as part of the shadow IT.
(=> NOTE: To identify if your enterprise has a WhatsApp problem as part of the shadow IT, please read this blog post.)
WhatsApp cannot protect enterprise and customer data and is often in conflict with European data protection laws. For the data protection, security and compliance of an enterprise this is a big problem. Especially with the upcoming GDPR and its high fines the WhatsApp usage cannot be tolerated anymore and becomes an important topic to be solved in many enterprises.
(=> NOTE: To understand why WhatsApp is not compliant with the GDPR, please read this blog post.)
Enterprises understand that employees use WhatsApp for productivity reasons: Faster communication, easier information exchange and better collaboration. Thus more and more enterprises look for a secure messaging app as a WhatsApp alternative that offers the same productivity benefits, but provides all required data protection, security, administration and compliance.
This shift away from email towards messaging and the related search for a secure WhatsApp alternative for enterprises is currently happening across all industries, sectors and company sizes.
Employees Want an Enterprise Messaging App that Works like WhatsApp
A secure WhatsApp alternative for enterprises needs to have an identical feature set and a very similar user experience like WhatsApp. This is a very important point, because WhatsApp has more or less set the standard for what users expect for messaging, and most employees expect a similar tool in their business life.
Thus employees expect all known messaging and digital content sharing features from WhatsApp in an enterprise messaging app. This includes professional group messaging, read receipts for group chats and easy chat administration. The enterprise messaging app should also have a very simple and intuitive user interface like WhatsApp.
While this sounds easy, several enterprise messaging apps either lack features or have a more complicated user interface. Unified communication tools often lack the required features (e.g. read receipts or group messaging) and modern collaboration tools often have less intuitive channel interfaces (e.g. Microsoft Teams or Slack). The resistance of employees against such alternatives to WhatsApp and the additional support required for a roll-out of such enterprise messaging apps is much higher than one would assume.
GDPR Compliance Is Critical for a Secure WhatsApp Alternative for Enterprises
A secure WhatsApp alternative for enterprises needs to be compliant with the GDPR and has to ensure comprehensive data protection based on European law and privacy standards. Therefore the following points are especially important to comply with the GDPR:
The enterprise messaging app may not store any data outside of the European Union, which is a key requirement of the GDPR. Ideally all data of the secure WhatsApp alternative should be be stored in the country of the head quarter of the enterprise in the EU. Some industries like healthcare, financial services and the public sector might even require private cloud or on-premise deployments of the enterprise messaging app.
The enterprise messaging app should be built based on a "privacy by design" architecture and use as little data as possible (principle of data economy and data reduction). Therefore data of an enterprise should either not be used and if required pseudonymized and strongly encrypted. Besides the secure WhatsApp alternative should not analyze user behavior or collect meta data, unless it is necessary to provide the service to the enterprise.
The enterprise messaging app should not store the address book of users. Storing address book data of users is in conflict with the GDPR, unless ALL contacts of a user have given consent to the enterprise to share their contact details with the provider of a secure WhatsApp alternative. This is also important for the "right to be forgotten" of the GDPR. Enterprises that are not compliant here could face warnings and penalties based on the GDPR.
The enterprise messaging app must provide an archive of the messaging communication and audit logs of the enterprise. These records of a secure WhatsApp alternative are needed for audit-proof and compliance as well as for the GDPR for an enterprise to understand where personal data of users might have been communicated and stored. Thus, the archive and the audit logs need to be searchable.
(=> NOTE: For further information about GDRP compliance please find a complete list of data protection requirements for an enterprise messaging app here.)
Important Enterprise Uses Cases Need to Be Covered
A secure WhatsApp alternative for enterprises should cover all relevant uses cases of the business. On the one hand an enterprise messaging app needs to ensure maximum productivity of mobile and desktop workers, and on the other hand it needs to constantly connect employees where ever they are - traveling, in the office, in stores, on conferences, in warehouses or on production facilities.
Therefore a secure WhatsApp alternative requires mobile as well as desktop apps, which have the same feature set, can be used with one account across all devices and provide synchronized and persistent chats (including backups in case a device gets lost).
Often larger group chats are needed for use cases in the enterprise. An enterprise messaging app should easily handle group chats with more than 50 chat members (including group read receipts). Some enterprises might require a secure WhatsApp alternative that can host group chats with several hundred or more chat members. Some businesses might need distribution lists to quickly set up new group chats, and some organizations might want to put the chat members under control of the central IT.
A secure WhatsApp alternative for enterprises should at least offer sharing of photos, videos and files/documents in order to cover the basic business use cases. More advanced enterprise messaging apps provide features like voice messaging, location sharing, calendar date exchange and polls/surveys.
Enterprise-grade Administration, Security and Compliance Are Core Requirements
A secure WhatsApp alternative for enterprises should allow to easily and professionally manage all employees via an administrator portal. In addition to standard user management functionality like inviting, black listing, blocking and deleting users, the following features are important for enterprises:
The enterprise should be able to configure communication rules and compliance policies for the secure WhatsApp alternative in order to be able to control information exchange, ensure compliance and protect corporate data. Some enterprises might require features like content sharing rights and data retention policies.
The enterprise messaging app should provide an LDAP/AD synchronization in order to simplify and automate user management and ideally allow to import groups.
The secure WhatsApp alternative for enterprises should support leading MDM/EMM solutions (like Airwatch or MobileIron). This support helps to automate and accelerate the roll-out of an enterprise messaging app, ensures that corporate data gets fully protected in a container and covers all data loss prevention scenarios.
The enterprise messaging app must provide complete and strong encryption (incl. transport, meta data, message/content of chats end-to-end, storage on devices and cloud/server), do multi-factor authentication and ensure comprehensive security.
Larger enterprises, conglomerates or holding companies will require multi-tenancy and multi-domain capabilities of an enterprise messaging app in order to enable individual administration of separate business units.
The secure WhatsApp alternative for enterprises must be easy to deploy, host and roll-out. In addition, the enterprise messaging app should have a scalable and performant architecture for the required number of users of an organization (hint: the scalability of enterprise messaging apps strongly varies).
Ecosystem Integrations of a WhatsApp Alternative Drive the Digitalization and IoT
A secure WhatsApp alternative for enterprises should provide an API for integrations of 3rd party services and software. These integrations help to automate processes and workflows, and accelerate the information exchange between various systems.
The enterprise messaging app should allow to integrate any kind of 3rd party services and software via the API and offer an SDK to easily develop any kind of integrations. Often enterprises want to connect the secure WhatsApp alternative to standard software like ERP, CRM, HR and accounting systems as well as in-house developments, websites and social media channels.
It is essential that an API of an enterprise messaging app can also be used to program chat bots in order to e.g. simplify information queries, easily guide employees through processes, directly support customers, regularly deliver reports to the management, automatically inform users of news and alarm a team in case of incidents.
Since connections of other systems to the secure WhatsApp alternative could be a potential data leak, all integrations and chat bots need to be secure and under full control of the enterprise. Thus the enterprise must be able to manage, which integrations and chat bots are allowed, what data they can access and which users may use them.
The potential use cases for integrations and chat bots of a secure WhatsApp alternative are endless and a core component for the digitalization of an enterprises. Also for projects around internet of things (IoT) and industry 4.0 an integration into an enterprise messaging app is often important and can result in significant productivity and security benefits.
(=> NOTE: We would also highly recommend our blog posts on the best enterprise messaging app for European businesses and the leading enterprise messaging app, which can help with the selection of a great enterprise messaging app.)