Employees need to collaborate with co-workers and clients to get their job done, whether they use the phone, email, instant messaging or an enterprise social network as their preferred mode of communication. But when potentially sensitive content and data are being shared inside and outside the business, enterprises must ensure they have the proper policies or technology in place to remain compliant with industry-specific regulations.
Many businesses have begun introducing privacy policies regarding communication-sharing to their employees. But some industries -- like finance and healthcare -- are faced with stringent compliance and regulatory requirements that may require taking
Actiance Vantage: An extra set of eyes and ears for IT
Actiance, a Belmont, Calif.-based UC security and management provider, offers real-time content monitoring, alerting and e-discovery technology for businesses with compliance regulations. The technology acts as an additional security and control layer for data and communications shared over UC, enterprise social tools and public instant messaging (IM) platforms.
Actiance Vantage platforms work on top of UC tools (like Microsoft Office, IBM Sametime and Cisco Unified Presence); enterprise social software (like IBM Connections, Jive and Microsoft SharePoint); and public IM platforms (like Google Talk, AIM and Skype). Actiance Vantage can be deployed on-premises, as an agent on the UC server in the data center or as a cloud offering.
The provider will soon be introducing Actiance Vantage 2013, an upgraded version of its Vantage platform that will support Microsoft Lync Voice, allowing enterprises to capture two-party and multi-party conference Lync Voice over Internet Protocol (VoIP) calls and metadata, said Scott Whitney, vice president of product management at Actiance.
More on Actiance Vantage and UC security
Actiance Vantage: Social media archiving a channel opportunity
New UC security threats leave UC platforms vulnerable
UC security: Presence management
Actiance Vantage can work with existing UC, social, and collaboration platforms for more granular policy-setting based on the group or user level, Whitney said. During a Lync VoIP call, specific keywords and phrases can be captured and alerts can be sent to supervisors for further review. "Just as enterprises can record application and file shares, now conversations can be recorded and stored in the database," he said. "Actiance [Vantage] provides full outbound and inbound call recording, and active compliance around whether the call should go through, depending on the users involved."
Many enterprise-grade UC, collaboration and social tools offer some degree of policy-setting and e-discovery capabilities, but third-party providers -- like Actiance -- are hitting the sweet spot in the market by offering overlay technologies to augment tools that enterprises -- especially those facing legal and regulatory guidelines -- already have in place, said Vanessa Thompson, research manager for enterprise social networks and collaborative technologies at Framingham, Mass.-based analyst firm IDC.
"As companies deploy these [UC] and enterprise social tools, there is a real need to add value to the existing deployments that they have, and they want that layer of control around how information is directed and distributed," Thompson said.
UC security: First comes policies
Third-party providers are starting to see where the potential security gaps are within enterprise UC platforms -- like Microsoft's -- and want to tie themselves into these large user bases by offering customers a value-add on top of these technologies, but enterprises should begin by revising their privacy and security policies first, said Michael Suby, vice president of research at the Stratecast division of San Antonio-based Frost & Sullivan Inc.
Users are pushing enterprises to adopt communication and information-sharing tools to make their jobs easier, and these tools can create a security risk if companies don't give their users guidelines, Suby said. "While enterprises can invest in technologies to find out who may be violating company rules around communications, they should start with their information-handling policies for employees."
While many vendors are advancing UC security to meet enterprise regulatory considerations, and service opportunities for third-party providers are emerging as UC technology advances, compliance starts with the company policy, Suby said. It will be difficult, however, for any enterprise to plug all the potential security holes around UC and collaboration. "It's become more of question of instilling policies as technology continues to move forward," he said.