Shadow It, Googligan And Workplace Productivity

February 10, 2017 / in Blog, Encryption/Security / by Zafar Khan, RPost CEO

Service professionals and business managers are continually trying to improve workplace productivity, not just to increase profits but also to reduce tedium in their daily work flows. Web applications for customer relationship management (Salesforce.com), professional networking (LinkedIn), messaging, e-signing, and file sharing (RPost), for example, can be extremely helpful tools for streamlining work flows.

But what happens when well-intentioned employees bypass their IT departments’ approved apps (Salesforce.com, LinkedIn, RPost) and instead install novelty apps onto their computers and mobile devices, as many people are apt to do? When employees start using tools that are not officially approved by their companies, these tools become part of what’s called Shadow IT. These are applications operating in the shadows, whether they’re productivity-enhancing like password management apps — or productivity-draining, like fantasy sports apps.

Shadow apps can be malicious, intentionally or not, creating security concerns for a corporation and in some cases, providing entry into corporate servers and databases. Cisco reports that a third of malicious apps are marketed as productivity tools, making it less suspicious when these apps request broad permissions to “help” with calendars, emails, contacts, and other sensitive information.

Malicious apps also pose as legitimate apps for Android smartphones. In November, 2016, Google discovered that a Trojan (horse) called Googligan was present in 86 fraudulent apps, some of which could be downloaded on Google Play and many that were available from third-party app stores. The malicious apps had innocent sounding names like StopWatch, Perfect Cleaner and Wi-Fi Enhancer.

Before downloading an app, check with your IT professional to see if there are any security concerns. As an example only, here are some of the most banned apps in corporate workplaces, according to Fraudwatch International.

Top Banned Apps by Companies

    • WhatsApp Messenger
    • Zoho Accounts
    • SoundCloud
    • Power Tools
    • Pinterest
    • Free Rider HD
    • Airbnb
    • Madden NFL Mobile
    • CodeCombat

Source: Fraudwatch International

Lifehacks for the Workplace

In light of these risks, how can you safely use technology to increase workplace productivity? One easy way is to better manage your Microsoft Outlook inbox using Outlook “rules”, keyboard shortcuts and optimized sorting. Learn how to “Tame Your Email Inbox” by watching Steve Anderson’s recorded webinar on the topic. Steve is a noted expert in insurance cybersecurity and workplace productivity. Read more email management tips from Microsoft. Try turning off email pop-ups and notifications, and take a break from processing email throughout the day.

Another email productivity tool to consider is RMail’s SideNote feature, which allows you to append a yellow sticky-note to an email, visible to only the copied (CC or BCC) recipients. SideNote solves the problem of having to send a separate email or make an extra phone call to provide copied recipients context as to why they were copied and what action they should take — often context that one might not want the “To” recipient to see.

For example, if you are sending a document to a client, you can CC or BCC your associate and include some background information on the client: “Please follow-up on Tuesday, this is an important client” or “This is a prospective advisory client, can you follow-up with a call in two days.” This saves time and confusion, eliminates sending email and then going to the “sent” folder and forwarding the email to your internal staff with context, and you’ll get the added benefit of email open tracking reported in the RMail Registered Receipt™ returned email record.

Also, consider practicing established etiquette for sending with CC (limit to two or three recipients, not the whole office) and BCC (use sparingly — only when there is no risk of ill will if/when the “To” recipient discovers that others were BCC’d. This sometimes happens when a BCC’d recipient replies to all.)