A project manager is leading the development of a new mobile banking application. The project team is small, cohesive, and has a strong history of working together with high mutual trust. A developer suggests using a popular, unencrypted instant messaging service for quick discussions about client data integration to speed up the process. What is the project manager's BEST course of action?
Ask the team to create a private, invitation-only channel on the messaging service for project discussions.
Mandate that all sensitive data discussions occur only on the company's approved, end-to-end encrypted communication platform.
Document the risk in the project log and remind the team to be careful about what they share on the platform.
Allow the use of the messaging service to maintain team morale and agility, trusting the team's discretion.
The correct action is to mandate the use of a secure, company-approved communication platform. While team trust is valuable for collaboration, it does not provide technical protection for sensitive data. Communication security relies on implementing formal controls like encryption and using approved, secure channels to protect information from interception and unauthorized access. Using an unencrypted public platform for sensitive data, even in a private channel, poses a significant security risk. Monitoring the chat or simply asking for a private channel does not mitigate the fundamental lack of encryption.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are some common security measures to protect project information?
Open an interactive chat with Bash
What is encryption and why is it important?
Open an interactive chat with Bash
Why is trust among team members not enough for communication security?