Metrigy’s recently published Workplace Collaboration and Contact Center Security and Compliance: 2026 global study of 305 organizations notes organizations are increasing their efforts to ensure compliance as AI dramatically reshapes internal and customer-facing communications. Compliance leaders are now heavily involved in application selection and roll-out, with 71.9% of participants saying that compliance officers provide app selection guidance, and nearly 57% saying that compliance teams must approve new communications apps.
Unfortunately, just half (49.8%) of companies have implemented a structured security and compliance program to protect their data assets and applications. Nineteen percent combat risks by blocking apps or turning off features such as meeting recording and transcription, AI copilots, or employee video creation. Often the “just say no” approach leads to the rise of shadow IT, with employees resorting to using unapproved applications, like AI notetakers, outside of IT control. Shadow IT creates potential risk of data loss, and as we’ve seen repeatedly over the last few years, the potential for large fines resulting from the use of non-compliant unsecure and unmonitored communications channels.
Proactive Strategy = Real World Benefits
Absent a proactive security strategy organizations are often unable to take advantage of emerging communications, collaboration, and customer engagement capabilities. However, Metrigy found a strong correlation between having a plan, and real-world benefits. Rather than create friction, security and compliance programs helped generate greater productivity through better application engagement. In our study, more than 53% of our success group, defined as those companies with above average ROI (in terms of cost savings and/or productivity gains) for their collaboration investments had a proactive security plan, compared to just 48% of those with no or below-average ROI. We saw an even stronger correlation on the contact center side where 58.3% of our success group (defined as those with above average improvements in customer satisfaction metrics associated with investments in customer experience technologies) had a proactive security and compliance plan in place. Just 45.9% of the non-success group had such a plan.
Benefits of Third-Party Security and Compliance Platforms
Third-party security and compliance platforms foster the adoption and management of collaboration and customer engagement tools by ensuring consistent policy enforcement across multiple applications, including rapidly adopted AI tools. They also typically reduce the time required to conduct regular compliance audits. In our study, 42.2% of our success group has adopted a third-party management solution, versus just 25.5% of the non-success group. Overall, 31.5% are using a third-party compliance management platform today, with another 21% planning to adopt one in 2026. Third-party compliance management platforms like Theta Lake, provide consistent retention, reconciliation, eDiscovery support, and classification across a range of channels including email, chat, voice, and increasingly, AI-generated content such as meeting transcripts and summaries. AI is increasingly becoming a driver for compliance management platform adoption with nearly 70% of participants saying they are adopting compliance management to safely allow them to deploy AI tools.
Bottom Line
A proactive approach to ensuring workplace collaboration and contact center security and compliance is a must to minimize risk and to safely realize the benefits of emerging technologies. IT, business, security, and compliance leaders should:
- Implement a Structured Program: Immediately establish and implement a formal, structured security and compliance program for all workplace collaboration and contact center platforms to protect data assets and applications.
- Shift from Restriction to Management: Avoid the “just say no” approach of blocking features. Instead, adopt a proactive strategy and third-party tools to meet compliance requirements for emerging communications (like AI copilots and meeting transcription) and manage the associated risks, thereby preventing the rise of shadow IT.
- Invest in Third-Party Platforms: Evaluate and adopt dedicated third-party security and compliance platforms. Prioritize solutions that offer consistent policy enforcement across multiple applications and capabilities comprehensive compliance management, including consistent retention, eDiscovery support, and content classification for all channels (email, chat, voice), particularly AI-generated content.
- Ensure Compliance for AI Adoption: For successful deployment of AI tools, prioritize the adoption of a compliance management platform, as this is a key enabler for safely integrating new AI capabilities.
ABOUT METRIGY: Metrigy is an innovative research and advisory firm focusing on the rapidly changing areas of workplace collaboration, digital workplace, digital transformation, customer experience and employee experience—along with several related technologies. Metrigy delivers strategic guidance and informative content, backed by primary research metrics and analysis, for technology providers and enterprise organizations
By Irwin Lazar, CISSP, President and Principal Analyst, Metrigy