Slashdot Mirror
Deutsche Bank Switches Off Text Messaging (smh.com.au)
Deutsche Bank has banned text messages and communication apps such as WhatsApp on company-issued phones in an effort to improve compliance standards. From a report: The functionality will be switched off this quarter, chief regulatory officer Sylvie Matherat and chief operating officer Kim Hammonds told staff in a memo. Unlike emails, text messages can't be archived by the bank, said a person with knowledge of the matter who asked not to be identified discussing internal matters. "We fully understand that the deactivation will change your day-to-day work and we regret any inconvenience this may cause," Matherat and Hammonds said in the memo. "However, this step is necessary to ensure Deutsche Bank continues to comply with regulatory and legal requirements." The policy also applies to private phones used by employees for work purposes. Communication apps such as WhatsApp, Google Talk, iMessage are also prohibited, the memo said.
Unfortunately this is starting to occur is lots of places. Companies are being forced, or choosing to, move away from real time communication back to email in large numbers due to laws around compliance and a desire to comply at the lowest possible cost. Personally I see these moves as harmful to the business long term but the management I've spoken with about the issue are not interested in taking on that challenge now.
Deutsche Bank is apparently the last remaining hold out to the "BYOD" model....
My eyes reflect the stars and a smile lights up my face.
[nt]
File under 'M' for 'Manic ranting'
If this is just for recording staff communications for regulatory purposes then what they need is to mandate use of an app that will do just that. There will be a few around; I bet China can supply one.
Too bad there wasn't a real time communication method where you didn't have to type and was secure - all you'd have to do is speak.
I'll think I'll write an app where you talk, it then produces text and then the receiver hears the text translated into sound and they can then hear it. I'll give it some cutsy catchy name like tell-La-fone!
I'll get funding from some Silicon Valley VC, and eventaully the valuation will become ONE HUNDRED BILLION DOLLARS and we'll go public and the stock will sell for hundreds of dollars a share even though we're burning through hundreds of millions of dollars in cash.
I'll do guest appearances on TV shows, make outlandish claims (I see tell-LA-fone booths on Mars!) and folks will call me an innovative GENIUS!
Yessiree! Making money the Silicon Valley way - legally scamming people.
Unfortunately this is starting to occur is lots of places. Companies are being forced, or choosing to, move away from real time communication back to email in large numbers due to laws around compliance and a desire to comply at the lowest possible cost.
Actually, it's because they want their staff to actually work. Not mindlessly gossip over instant messenger with their mates.
Personally I see these moves as harmful to the business long term
Most instant messengers don't offer end-to-end encryption so if you're not shittalking with mates I assume your discussing work with co-workers and possible violating your NDA at the same time.
What's the betting that another department complains about this breaking their SMS based two factor authentication once this is rolled out...
Sigs are so 1990s. No way would I be seen dead with one.
It's great. You don't want a bank, or any other major business to be run in a way where information moves in inscrutable ways, nobody knows who said what, when and to who. With email there's a trail, it can trivially be secured with GPG, and while there's much to be said about organisation of emails, it's lightyears ahead of what the various chat services offer.
Seems like someone finally reined in the cavalier egomaniacs.
If your company has a blackberry enterprise server installed, you can easily configure the phones to log everything to the central company-owned server: http://support.blackberry.com/...
Of course, nobody cares about anything but Ooh! Shiny! anymore...
Maybe it would be smart for banks to develop some kind of way of doing communications that is a bit more secure though.
I use Signal at my job to exchange information between clients and myself that we don't want going out across networks or being archived - for example: temporary credentials, discussions of software vulnerabilities and how to handle them, certificates & keys for https, etc...
I'm not comfortable sending those across the wire without end-to-end encryption.
Also sometimes there are "personal" matters that clients want to discuss in un-monitored channels. I've had clients having bad days stop to tell me about spouses undergoing chemo, their children struggling at school, marital issues, and other very personal things. And I listen because I genuinely do care. It also has a secondary advantage for the company I work for; the client relationship is stronger because it's more personal and built on shared experiences and trust. When projects struggle, when there are issues with deliverables, or any of the myriad of things that come up in software development that harm company-to-client relationships, it can be very useful to have people on both ends (client & service provider) that have more than just a wildly abstracted professional connection.
I get why banks are doing this, but there ARE many legitimate reasons to go out of band. The law is at fault here, but only in a very loose way. There may not be a way to fully legislate this properly (at least not that I can think of). There may be a case to be made for Banks implementing something like this block, and having some policies in place, but to not make it *too* hard to circumvent for valid reasons.
In any case, email isn't a very secure medium, I'm not sure I'd want all communication routed through that.
Exactly, and things like whatsapp are specifically dependant on one particular company which is bad newsletter to begin with.
If it means going back to people actually waiting until they get out of meetings and having the minutes written up rather than sending out a chain of emails or texts directly from the meeting that then contradict each other because they revisited the topic two or three times than I'm all for it.
> With email there's a trail, it can trivially be secured with GPG
And with DKIM signatures (needed to send email to Yahoo users) you can even prove that the message in evidence is actually what they sent - it hasn't been modified. Podesta, Donna Brazile, and Time Kaine found that out the hard way.
I get the joke you are attempting to make, but what about the whole needing to log the conversation part?
Actually, now that I ask that.. so they are banning text messaging because texts cannot be logged. Are they also disabling the ability of these work-issued smart phones to function as, well, phones?
It is more around ensuring IM is recorded. You can still run OCS, for example, but everything is stored in case you want to manipulate LIBOR or something. There are places where encryption is important such as Mergers & Acquisitions but it really is just about ensuring that there is a log of all important communications.
Given the regulatory requirements this makes sense. At one major US financial institution, where I worked, this is the norm, because the risk of information leakage is an issue. You even need to use application such as Mobile Iron or Good for accessing company e-mail. Company issued iPhones had the the essentials an nothing more, with certificates limiting what you could do with the phone.
At the same time, there was a move towards BYOD, which does provide a bit of a chink in the wall, but still requires Mobile Iron or Good for accessing company e-mail and a certificate limiting certain operations. You can't copy/paste from Mobile Iron or Good, for example.
These companies need to show to regulators that they are meeting requirements and maybe even going slightly beyond. All e-mail in and out is recorded for 7 years.
Jumpstart the tartan drive.
I'll think I'll write an app where you talk, it then produces text
That'd be a killer app. Double the killer, in fact.
The day Kim Hammonds left the company I work for, there was a lot of celebrating among her lower employees! ðYZ
Employees are still free to make a phone call, if you ask me...
"Trump!!", the new Godwin.
Don't worry, every phone conversation is being recorded.
"Trump!!", the new Godwin.
> Companies are being forced, or choosing to, move away from real time communication back to email...
SMS is _not_ real time communication. It's a least-effort, lowest-priority, no guarantees data transmission service. I regularly see SMSs delayed by several tens of minutes. I've had many SMSs delayed by _days_. I've had a few SMSs delayed by _months_. (No, that is not an exaggeration, that is the literal truth.)
Email (modulo hyper-aggressive spam filters) is more of a real-time communication service than SMS could ever be.
Nope, this have nothing to do with private chats or calls during work hours. They cannot ban Whatsapp from private phones, only require that they are removed from private phones that are enrolled in their BYOD infrastructure (on Android and iOS, you can enforce this too). Instead of having a policy that requires employees to only use business-approved channels for business-related communications (and perhaps reinforce that policy with a short mandatory CYA* E-learning course), they opt for the easiest way to comply. As always.
*) CYA = Cover Your Arse.
If construction was anything like programming, an incorrectly fitted lock would bring down the entire building...
I think it'll be interesting to see if it actually does hurt productivity.
Here's what I think will happen. A very few people will be seriously hampered in their work. Most people will end up about as productive as they were before. And some people may do a little better.
Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.
Text messages definitely can be logged. Several mobile networks in the UK sell mobile recording to banks etc. O2 is one. Voice is recorded and so is SMS. MMS and apps like Skype, iMessage, Whatsapp etc aren't allowed since the encryption prevents recording. This has been the case for years so this isn't particularly newsworthy that yet another bank is doing it. Voice and SMS works fine, it's just smartphone functionality that's restricted.
The alternative is ban all use of mobile phones (voice and messaging) so that they only need to record landlines calls, email and internal IM. Some banks do do that to save on compliance costs.
Don't forget bugging every conference room, hallway, closet, and bathroom stall - we wouldn't want any uncataloged near-real-time communications, would we?
Slashdot still doesnâ(TM)t support Unicode after it was added to the HTML standard in 1997.
Good News! Trump has been elected president! Your phone calls are all going to be recorded and save indefinitely should the government need to detain you for political reasons.
"That's the way to do it" - Punch
Lazy. Plenty of real-time comms. services that allow retention for compliance.
Slack.
If only there were a technology where every transaction was recorded in an irrefutable way in a public ledger.
Where are we going and why are we in a handbasket?
Even better news!! The Obama Administration has 8 solid years of recordings already in place, for political or apolitical detentions. PLUS since you ordered in 2008, they've also got the GPS tracking data to hunt you down!
break out the tin cans and string!
Your phone calls are already being recorded...
"Trump!!", the new Godwin.
>>Actually, it's because they want their staff to actually work. Not mindlessly gossip over instant messenger with their mates.
THIS.
I used to work for a company that used MSN Messenger as an in-house communications tool. They'd use your company email to make you an account, etc.
You were only supposed to add people on your immediate team, and supervisors (up to 2 levels above you). They canned the idea when a large number of people had every single co-worker on theirs and just IM'd them all day long.
It isn't this.
Still crying over the fact that the pro war pro corruption candidate lost?
He isn't even in office and you people bitch grow up.
Your in-house coders create their own Instant Messaging application.
All messages are encrypted in transit and flow through centralized company owned servers where any and all messages can be retained for however long you need them to be.
Ours supports simple text messaging, behind the scenes encryption, file transfers, multi-user group meetings, screen sharing / remote access, employee searches, etc. etc. It's probably more robust than many commercial texting systems are.
Hell, I even get a daily digest of all my messages in an email so I can keep them for record purposes and future referencing myself.
For banks it is actually a bit more than just a need to log important stuff.
The regulator demands that there is a record of ALL messaging interaction with functions like trading. This is important if they need to track down collusion as happened in the LIBOR situation.
DB were heavily criticized (and fined) for not fully logging all such traffic. If the other bank does produce a record of messages and you dont, then you really are in trouble.
move away from real time communication
Nope. They are only moving away from third party real time communication. I see Lync *ahem* Skype for Business being deployed more and more in every direction. It has all the features of real time communication like WhatsApp, messaging systems, including phone systems, the ability to replace traditional VoIP phones (sign of the times that VoIP is now traditional), AND the company can log the communications.
Why can't e-mail be real-time? How much time does it take to deliver a message with proper infrastructure? Why couldn't a messaging application use RFC822 as its communication protocol?
Ezekiel 23:20
Instant Messanger can be used and remain compliant with any number of country/local laws. Why has a large entity such as Deutsche Bank not implemented this yet in their infrastrucutre?
This is by no means the first work phone to prohibit SMS. But I do wonder how they accommodate 2FA.
Great for traders and anyone else that can fix markets, etc.
Dreadful for devs who just wanna talk about code.
Banks are just plain stupid, I reckon >50% of their staff have to do irrelevant quarterly training for scenarios they cannot ever encounter, I've had to do countless anti-money laundering training, despite lacking any access to any production system or data.
It's impossible for me to launder money, fix a market, etc. So I should be free to use whatever tool makes me the most productive.
They're preventing third party messaging apps from running on company devices. It's no different than not allowing someone to run Google Hangouts on their work computer. It's a non-story.
They more than likely have an in-house IM product which is compliant. So company communication is done using company tools.
This whole BYOD craze still has me shaking my head. Why would I want to be connected to work 24/7/365.25? When I leave work I leave work. My cell phone number is on my public contact card if people need to reach me after hours.
Doing work on personal phones will be banned shortly - and if you need to do work on a telephone, you'll be issued with one to carry for work purposes. If you want to carry a personal phone too, that's your choice. Don't expect work to either pay for it, or acknowledge it's existence.
Birds are not dinosaur descendants;birds are dinosaurs, for all useful meanings of "birds", "are" and "dinosaurs"
I'm not an American so you guys feel free to fight amongst yourselves over who was the more worst-er candidate, it gives the rest of us gold like implying Trump isn't corrupt :'D
As for war, well, he seems far more likely to start one to me as an outsider... he might need to as well in order to make America great again since, you know, it was war-time manufacturing that brought about the end of the great depression which would probably be the beginning of the greatness he references.