Despite all of the high-level risks, some board directors and administrators continue to email sensitive documents via non-secure platforms. Directors may even use their personal email accounts and mobile phones. This opens up your organization to vulnerabilities such as hacks and data breaches. Using various email and mobile platforms to email or text board documents is also a headache for IT and board administrators, as levels of visibility and control can be compromised.
We’ll examine the challenges of emailing and messaging confidential board information and make the case for adopting a secure messaging app.
Emailing puts your board’s sensitive information at risk
Directors use email and text to communicate with each other because it’s easy and convenient. But vulnerabilities and risks impacting your company include the following:
Phishing attacks: Criminals are becoming more strategic and stealthy with their email phishing attacks. These attacks seek to trick users into opening email attachments that are actually a sort of virus or malware. The emails may appear innocuous, even seeming to come from a reliable source. Board members, for example, may receive emails asking for tax information or requesting bank transfers. The messages may even come from a trusted email account — one that’s been hacked and taken over. Sometimes, board members use their personal email accounts to handle board communications so they won’t get these mixed in with the emails from the companies they work for, according to an article by CSO. But the use of those relatively unsafe accounts creates a risk that hackers might exploit.
Password hacks: Some directors will use the same password for their personal and business email accounts. If an attacker gets a hold of the password for one email account, that could potentially give him access to the business at large, and an organization’s confidential information could be compromised. For example, a cybercriminal could hack a director’s password, log in and extract sensitive information by posing as the director via their email. The information could go public and damage the organization, or the criminal might hold the sensitive information hostage and ask for a ransom. Either way, the results could be disastrous.
Rogue apps: Employees may use these unvetted and often insecure rogue apps, which are apps that have not yet been vetted, approved and supported by the company, to improve productivity. But doing so places the company’s sensitive data at risk, as these apps may not be secure, and could have backdoors that hackers could exploit.
Bring secure communications and efficiency to your boardroom. Schedule a demo now to learn more about Diligent solutions.
The case for adopting a secure board messaging app
If your board is considering adopting a board messaging app, here are some suggested strategic best practices for selecting a solution:
- Assess the security threat. What are your company’s vulnerabilities? How are your directors treating sensitive documents? Be sure the board messaging app you select delivers enterprise-level security so that you can maintain control and ensure compliance. Security is a top priority, so be sure the vendor you choose has top-notch security features.
- Get leadership buy-in earlier during the review process. Involve your leadership and board directors in the solution assessment and in the selection process. Determine what features and benefits mean the most to them and set up a comparison grid outlining the potential solutions. If you don’t get leadership’s input early, you may select a messaging app that doesn’t meet their needs and that won’t be universally adopted.
- Stick with one, and only one, solution. Using several messaging solutions creates fragmentation and headaches for your IT department. Using multiple solutions could also cause more vulnerabilities, as they may not all possess the same level of security. Just select the best solution for your needs and eliminate the rest. If board members or staff members are using their own apps for certain tasks, understand what problems they’re trying to solve, and how you can address those problems.
- Educate directors and administrators. A messaging app won’t work if board members and staff aren’t trained to use it. When deploying the solution, it’s important to educate the teams using the app. This will also help ensure that they use it properly, so information stays safe and secure.
How Diligent Messenger delivers the safer, smarter way to email and message
Don’t compromise the security of your Diligent Boards solution by emailing board materials outside of the portal.
Diligent Messenger safeguards all data with the same best-in-class security infrastructure and encryption as Diligent Boards. Because users are authenticated by your Boards and Messenger sites, you can control the potential recipients of communications.
Benefits for directors and board administrators include:
- Compliance with your organization’s document retention policy, so messages can be retained or deleted;
- Improved communication and collaboration, which allows directors to connect instantly with other directors while reviewing board materials; and
- Real-time sharing, so users can share documents securely in real time to augment collaboration efforts.
Overall, a secure board messaging app — like Diligent Messenger — improves collaboration and communication while keeping your organization’s information safe and secure.
November 26, 2018
The Risks of Free Board Management Software
The use of board portals is growing at a swift rate. Daedal Research forecasts that 67.7% of companies will be using board portals by the year 2020, which is up from 34.5% in 2015. This percentage equates to about a third of companies globally that will be…
November 16, 2018
Why Boards Need to Pay Attention to Cybersecurity
Financial regulators and lawmakers have directed much of their recent attention to high-profile cybersecurity incidents. Media stories over data breaches are creating serious concerns over protecting investors and customers. The Securities and Exchange Commission (SEC) is sounding an alarm of fair warning for public companies with weak cybersecurity controls.
November 14, 2018
How to Get Your Board to Use Better Secure Communications Practices
Do your communication practices, or those of your colleagues and directors, pose risks to your organization? If you’ve ever used personal email to communicate on a sensitive matter, the answer is yes. Diligent Corporation commissioned Forrester Consulting to conduct an April 2018 survey of directors and governance professionals in 11…