The banks are required to record all of the communications made by a large proportion of their staff. Probably they haven’t found a way to do that for WhatsApp or text, so those are not approved communications channels. If they aren’t approved, then why would they be on a work phone?
Of course the staff can break whatever rules they want, but they will be breaking rules. The banks make sure their staff know that, and as long as they’ve done all they can to stop it then what else can they do? There are always people who break the rules, and those who break the rules get punished when they’re caught.
This is in the same vein as the secret service text message debacle after the Jan6th stuff.
I think you’ll see this more and more as companies and government agencies try to reconcile regulations, cyber security controls, and business needs. Obviously there is a need for employees to communicate. There are laws surrounding record retention. And there are laws and needs for security controls to lock down phones, wipe data, etc.
Those three things don’t always align with each other and if your employees pick a different channel to communicate they you can’t control, then that’s a huge problem from a regulation and even a security perspective.
That said, locking down work phones is only going to push people to their personal devices and that creates way more issues overall.
If those are communication apps supported by the bank, that’s the idea. Banks have been hit with huge fines for employees communicating over unapproved channels.
One of the problems with the unapproved channels is that the bank can’t enforce a retention period. So written messages that are supposed to be kept on record for 10 years or whatever can get deleted. In the event of a lawsuit the bank can be fined for not having the messages.
I understand what they think will happen. But that doesn’t necessarily mean they’ll be using the banks approved channels etc. You can set up your own private channel in teams and in slack. If people want to communicate without having that info tracked by the bank or company or agency they work for they literally will use another service. Doesn’t even have to be teams or an approved one. This article talks about texts and SMS. But WhatsApp and signal and even discord exist (banning one but not the others is playing whack a mole). This seems like the companies trying to keep up with the times without a real plan that considers alternatives.
It’s just on work phones, they can do what they like on their personal phones of course. However, if they are discussing anything business related they’ll be fired and could be barred from working in the industry altogether.
HSBC etc completely lock down Teams etc, there is no private anything, it’s all monitored as long as its on their devices and accounts.
Traders and other front office staff will have every single phonecall, email, IM, voice chat, and video call monitored and stored for something like 7yrs.
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !technology@lemmy.world
This is a most excellent place for technology news and articles.
People are completely missing the point here.
The banks are required to record all of the communications made by a large proportion of their staff. Probably they haven’t found a way to do that for WhatsApp or text, so those are not approved communications channels. If they aren’t approved, then why would they be on a work phone?
Of course the staff can break whatever rules they want, but they will be breaking rules. The banks make sure their staff know that, and as long as they’ve done all they can to stop it then what else can they do? There are always people who break the rules, and those who break the rules get punished when they’re caught.
This is in the same vein as the secret service text message debacle after the Jan6th stuff.
I think you’ll see this more and more as companies and government agencies try to reconcile regulations, cyber security controls, and business needs. Obviously there is a need for employees to communicate. There are laws surrounding record retention. And there are laws and needs for security controls to lock down phones, wipe data, etc.
Those three things don’t always align with each other and if your employees pick a different channel to communicate they you can’t control, then that’s a huge problem from a regulation and even a security perspective.
That said, locking down work phones is only going to push people to their personal devices and that creates way more issues overall.
People will resort to slack or teams or whatever and the problem will persist.
If those are communication apps supported by the bank, that’s the idea. Banks have been hit with huge fines for employees communicating over unapproved channels.
One of the problems with the unapproved channels is that the bank can’t enforce a retention period. So written messages that are supposed to be kept on record for 10 years or whatever can get deleted. In the event of a lawsuit the bank can be fined for not having the messages.
I understand what they think will happen. But that doesn’t necessarily mean they’ll be using the banks approved channels etc. You can set up your own private channel in teams and in slack. If people want to communicate without having that info tracked by the bank or company or agency they work for they literally will use another service. Doesn’t even have to be teams or an approved one. This article talks about texts and SMS. But WhatsApp and signal and even discord exist (banning one but not the others is playing whack a mole). This seems like the companies trying to keep up with the times without a real plan that considers alternatives.
It’s just on work phones, they can do what they like on their personal phones of course. However, if they are discussing anything business related they’ll be fired and could be barred from working in the industry altogether.
HSBC etc completely lock down Teams etc, there is no private anything, it’s all monitored as long as its on their devices and accounts.
Traders and other front office staff will have every single phonecall, email, IM, voice chat, and video call monitored and stored for something like 7yrs.
Text messages have to be turned over for those pesky subpoena’s. Can’t be leaving evidence laying around.