Read more at:
In short, while there was no evidence that unsanctioned app use is routine or normalized, it is likely that enough staff are using them to make a serious breach possible at some point. The report concludes that one of the reasons staff have taken to these messaging apps was that they lack convenient alternatives. It recommends developing approved apps to remove this need, implementing a training program to ensure existing communication regulations are complied with, and limiting the authority to use messaging apps to senior staff, in specific circumstances.
What’s surprising about this is that it has taken a major political row at government level to raise an issue that enterprise CISOs have been grappling with for years: the effects of BYOD, shadow IT (and now shadow AI), and unsanctioned apps that creep into organizations without anyone realizing it.
Over the last two decades, the rise of mobile devices, the cloud, and apps has radically de-centralized IT in ways that top-down management models struggle to control. Meanwhile, nothing has changed; the Signal app at the center of this scandal remains hugely popular on both sides of the political divide, despite the appearance of additional issues with the technology.
