We all know the story of Goldilocks and her ill-fated visit to the house of the three bears. What lesson, if any, one might take away from this story is that too much of a good thing doesn't necessarily make it the right thing. Porridge is best hot, but too hot and that's not good. Big chairs are big, but if they're too big, they're not comfortable.

What is true for Goldilocks -and bear with me on this analogy here -is also true when considering security technologies for business. These days, the industry is abuzz with consumer players that have decided to implement end-to-end (E2E) security in their messaging products. It started with Apple and its battle with the U.S. government on access to iPhone data. Then, WhatsApp switched its messaging technology in such a way that no one could have access to messages except for the end-user client. Recently, rumors have circulated that Facebook plans to make a similar change for Facebook Messenger.

When evaluating messaging technologies for the workplace, these kinds of solutions seem like they would be a good thing. But if you dig a little deeper, they're not. The reason is that the workplace environment requires that certain parties can access message content. The legal department will need access in case of a lawsuit. The infosec department will need access when tracking a possible data leak. They may also want real-time access in order to audit shared content to make sure users are complying with company policy (e.g., no sharing of restricted information with outside parties).

As such, when evaluating messaging technologies, the question to think about is: What parties should have access to content, and which should not? When you do that, you quickly draw a simple 2