Why employees of large companies use “left” software for professional communication and what to do about it


    Large companies have certain characteristics that affect the way internal and external communications and information exchange are built inside such organizations.

    Firstly, they employ a lot of people who are involved in a very large number of projects, which implies a very intensive information interaction both within units and between units.

    Secondly, their employees physically cannot be familiar with all colleagues, and often they are distributed throughout the country (or across the planet, as in the case of global mega-corporations), which complicates communication tasks.

    Thirdly, each of them has a dedicated IT department (or even several of these departments), whose specialists are responsible for the work of the corporate infrastructure and data security. These same experts are usually involved in the implementation of third-party products that were purchased by the company for their needs.

    Usually, this implementation system works pretty well, but it is in the organization of communications that a failure often occurs - the systems recommended by the IT department, designed to discuss projects and other professional interactions, are not convenient. As a result, corporation employees sabotage their use, using more convenient alternative products within their divisions without the IT department’s consent to this (and often - even without his knowledge at all).

    This phenomenon is described using the special term “shadow technology” (“shadow IT” in the English version) - software products and hardware that are used in the life of the company, but are not officially approved. The risks of leakage, fragmentation, loss, distortion and theft of information as a result of the use of shadow technologies for professional communication are extremely high.

    There are two main methods (none of which can be called successful), with which companies usually solve the problem of using shadow technologies in internal communications: tightening the screws and closing their eyes.

    The way to tighten the nuts

    The first method of combating the initiative of employees in the selection of tools for professional communication is strict prohibitive measures. Obviously, this is a road to nowhere - prohibitions not only demotivate employees (which, for example, can lead to the loss of high-quality specialists), but also physically reduce their productivity.

    People use unauthorized (including “consumer”) systems for professional communication in order to facilitate the solution of routine tasks. If they deprive them of access to convenient tools, employees will either spend efforts to circumvent restrictions (for example, use cellular communications instead of a corporate network, or use various tunnels that allow running any applications, including those with known security holes, within the corporate computer network) or they’ll simply put up with an ineffective approved system. In any case, the business is inevitably damaged.


    Method number two: ostrich on the beach

    An alternative to the corporate prohibition policy described above is that the IT department ignores the dangers associated with shadow communication technologies. This approach often exploits the low awareness of heads of organizations regarding intellectual property protection and data security.

    Examples are known when, after moving to competing firms, former corporate employees for years continued to maintain access to shadow communication technologies in their old organizations (and, accordingly, to fresh - and often secret - corporate information).

    Usually the fragility of a system where the loss of one laptop or smartphone can bring down a huge project, along with all the investments of labor, time and money into it, is very clearly proved by practice.

    Method number three: "We will go the other way"

    The sad situation for all participants using shadow communication technologies has finally begun to change for the better over the past few years.

    The initial contradiction can be described as follows: on the one hand, most of the products designed to solve the problems of interaction within large organizations are not very convenient (recall, for example, this fierce criticism of the Yammer system); on the other hand, any employee of the company in everyday life can use dozens of similar “consumer” services, which are much more convenient, reliable, and faster (Skype and WhatsApp come to mind first). In this situation, it is quite difficult to expect enthusiasm from employees who are forced to use software that is inconvenient (but allowed by the corporation).

    An obvious solution to this contradiction is to make corporate communications tools no less convenient than consumer services, but with all the benefits of corporate control over them. Technological progress finally translated this task into the category of solvable ones. In bulk, like mushrooms in the season, there are more and more convenient tools specially designed for use in professional life (for example, instant messengers for team work, which we talked about in the last topic ).

    Cloud as the final decision

    The unifying attribute of the mentioned tools of the new generation is their cloud character. It was cloud technology that made it possible to make a breakthrough in resolving a painful contradiction.

    The trend towards the transition of corporate services to the "clouds" is undeniable - new technologies allow businesses to get better results and pay less money for it. Accordingly, those companies that understand the benefits of using cloud products get competitive advantages over competitors.

    Those who cannot overpower distrust of such tools will incur losses and lose to more open companies. Deploying your own chat for teamwork on an internal server or using a third-party product will never compare in efficiency with a cloud service - the quality of the tool, the availability of updates and ease of use will always be lower than in the cloud.

    Next step: Kato Enterprise

    Despite the fact that email is the de facto standard for corporate communications, it loses to specialized tools as an internal communication tool, including messengers for team work, such as Slack and HipChat. These tools, however, are not suitable for everyone and not in any situation.

    The main drawback of the popular services of the new generation is that they are not designed for large companies, but for startups and individual teams within organizations that are relatively modest in size and complexity of the internal structure. They, as a rule, are still not intended for use in the context of a strict information security policy. Issues of access to data and ownership of information often remain without discussion and decision.

    The above problems are solved in the corporate version of our product called Kato Enterprise - thanks to integration with the cloud-based identity management services (see this Wikipedia article on Single sign-on ) Okta and OneLogin , corporate users will be able to log in to the Kato messenger using their account in Active Directory, Google Apps, or LDAP.


    SSO services (for example, Okta and OneLogin) allow companies to work with cloud products without the need to create separate accounts in them - you can “log in” to the conditional Dropbox using an account in the SSO service (which can be linked to the same Active Directory ) At the same time, it is possible not only to login to the conditional Dropbox on the domain account, but also to receive rights in the conditional Dropbox service that correspond to the rights of this particular user on the corporate network, registered in the SSO service (the so-called “provisioning”).

    SSO services, in addition, make it easy to combine and separate company directories. For example, if one company using Okta buys another using some directory (Active Directory, Google Apps, LDAP), then in the Okta directory of the first company, the Okta directory of the second company will appear almost automatically listing its employees.

    The connection between Kato and SSO services allows you to create teams in the messenger based on the structure of the company reflected in its directory.

    For example, groups in Active Directory, Google Apps or LDAP that describe accounting or sales are displayed as separate teams in Kato - this is a unique opportunity among instant messengers. In addition, the messenger will also have a common “umbrella” team, uniting all employees of the company.

    VersionKato Entreprise is currently in beta. After testing is complete, really large companies with tens of thousands of employees will be able to use the Kato Enterprise version.

    "Why not on our server?"

    One of the most frequent questions in Kato's support rooms is “How can I trust sensitive corporate information to a messenger whose servers the company has no control over?”.

    Several facts allow us to answer this question:

    • Hacking of servers under the complete control of the host companies is a fairly common occurrence (recent sensational examples: Sony, Home Depot, Target, Adobe, eBay)
    • The general (and growing) trend towards the transition of corporate services to the cloud is undeniable - cloud technologies allow businesses to get better results at lower costs (even Microsoft, which has earned innumerable billions on installed office programs, has released Office Online)
    • Companies that realized the benefits of using cloud technology before others get competitive advantages
    • Systems that ensure the collective security of participants are always cheaper and more reliable than systems that provide a comparable level of security for these participants individually.

    PS The topic was updated at 23:05 Moscow time.

    Also popular now: