The IT Nerd

Exclaimer today announced a new integration with Workday, enabling  organizations to use employee data from their HR system to automatically populate email signatures and video meeting themes.

Workday counts more than 75 million users under contract globally, all of them sending emails with little to no direct connection between their HR record and their email signature. For many of these organizations, Workday is the primary system of record for employee information, from job titles to contact details. But that data often does not carry through to everyday communications. Instead, details shared in email signatures or on meeting are still maintained through an IT-managed directory, manual updates, CSV uploads, and directory workarounds.

As organizations hire and scale, this disconnect can quickly lead to outdated or inconsistent employee details. This increases the workload for IT teams and a higher risk of incorrect information appearing in business communications, undermining professionalism, trust, and compliance. These issues are especially visible during setup and onboarding, where data inconsistencies can delay deployment and create friction during evaluation and rollout.

According to Exclaimer’s recent State of Business Email report, over a third (35%) of global IT teams rank email signature management among their most time-consuming email tasks, while 80% still rely on manual methods or user self-service. Notably, in 16% of organisations, responsibility for email signatures sits with HR, second only to IT, highlighting the growing overlap between people data and everyday communications. With 92% of leaders agreeing that consistent, well-managed signatures are important for building trust and professionalism, the pressure to get this right continues to grow. 

Bringing workforce data into everyday digital communications
This integration allows organisations to use Workday as an employee data source within the Exclaimer platform, alongside directories such as Entra ID (Azure AD) and Google Directory. It extends existing HR and data protection controls into email signatures and meeting themes, so employee data is applied where it’s needed without being duplicated or recreated across systems.

With Workday integration, organisations can:

• Use Workday as a trusted data source – Bring employee details like names, job titles, departments, and contact details directly from HR-managed records into email signatures and meeting themes.
• Reduce manual updates and workarounds for IT – Move away from CSV uploads, ad hoc scripts, and directory fixes with a governed integration that keeps employee data in sync automatically.
• Keep HR as the data owner while IT governs the platform – Maintain clear ownership boundaries by enabling HR to manage employee information in Workday, while IT manages access, deployment, and policy within Exclaimer.
• Maintain accuracy through constant organisational change – Keep signatures and meeting themes aligned as teams grow, evolve, or go through mergers and acquisitions, without repeated clean-up cycles in the directory.

Built for communications governance and data accuracy

Trusted by more than 9 million users across 75,000 organisations worldwide, Exclaimer processes over 20 billion email signatures each year and supports branding across video conferencing platforms including Microsoft Teams, Zoom, and Google Meet.

Email signatures and meeting branding are high-volume, high-visibility touchpoints where inaccurate information is quickly noticed. Yet in many organisations, employee data is still managed separately from the systems used to deliver these communications. With the addition of Workday, Exclaimer connects HR systems directly to these channels, helping organisations keep employee details accurate, consistent, and up to date across communications that carry real weight.

Immediate availability

Exclaimer’s Workday integration is available as part of the Pro plan. Customers can connect Workday and start applying HR-managed employee data to email signatures and meeting themes.

For more information, or to see Exclaimer’s Workday integration in action, visit exclaimer.com and start a free trial.

Exclaimer today announced a reminder for organizations to prioritize email communications governance. On World Cloud Security Day, most organizations are focused on securing access to their cloud systems. But far fewer are asking a more difficult question: what happens after a user hits send? According to Exclaimer, one of the most under-governed areas of enterprise communication is outbound email.

Email continues to sit at the center of modern business operations, yet it is also one of the most widely used and least consistently governed communication channels. According to IBM’s Cost of a Data Breach Report 2025, the average data breach in the US now costs $10.22 million, and it takes organizations an average of 258 days to identify and contain an incident. These findings highlight how gaps in visibility and control persist across the enterprise, including in how communication is created and sent.

Cloud security has matured significantly when it comes to controlling access to systems, but governance of communication within those systems hasn’t kept pace. Governance often breaks down at the point of execution, where individual users, manual processes, and fragmented tools create inconsistency and reduce control. Findings from Exclaimer’s State of Business Email 2025 report reinforce how widespread this gap has become, with 83% of organizations reporting issues related to email misuse, inconsistency, or risk.

A shift from access risk to communication risk

Exclaimer, recently named for its leadership in SaaS and cloud workplace culture at the 2025/26 Cloud Awards, says this highlights a broader issue in how businesses approach cloud security.

When 83% of organizations are already experiencing email-related challenges, this shows the issue is no longer awareness, but how consistently organizations can apply control. And control breaks down quickly when critical elements like disclaimers, branding, and compliance messaging are left to individual users to manage and implement. As communication scales, this challenge is only intensifying. IBM’s research shows that one in six data breaches now involve AI-driven attacks, underscoring how quickly the volume and complexity of communication is increasing.

The governance gap in enterprise communication

Findings from Exclaimer’s State of Business Email 2025 report reveal a growing gap between how organizations secure access and how they control communication. While investment in platforms like Microsoft 365 and Google Workspace continues to rise, only 41% have fully integrated email into their broader security and compliance stack.

In regulated industries, this can introduce real exposure, where missing or inconsistent information may fall short of legal or industry-specific requirements. Even outside of compliance risk, inconsistent outbound communication can erode trust, particularly when customers expect accuracy, professionalism, and clarity in every interaction.

Security at scale requires real-time control

As email volumes increase and communication becomes more distributed across users, devices, and AI-assisted tools, ensuring consistency can’t depend on manual action, it requires policy-driven enforcement that operates in real time, across the entire organization.

Learn more at www.exclaimer.com

Here’s some 2026 industry predictions from Karl Bagci, Head of Information Security at email signature management software provider, Exclaimer for your review. 

1. The major 2026 security shift most organizations aren’t prepared for

The biggest unacknowledged shift heading into 2026 is that the authentication layer is no longer the perimeter. Attackers aren’t breaking in, they’re logging in. Session hijacking, token theft, infostealer malware harvesting credentials at scale. Most organizations still treat successful authentication as proof of legitimacy. In 2026, that assumption will cost them. Continuous verification throughout a session, not just at login, is where we need to be and almost nobody’s there yet.

2. Where the shared responsibility model will fail next

The next fault line in the already strained shared-responsibility model will arise from AI features embedded in SaaS. Every vendor is bolting on AI capabilities, often using third-party models and often processing customer data in ways that aren’t transparent. The shared responsibility model assumes clear boundaries. AI blurs them completely. When your CRM’s AI assistant summarizes confidential deal notes and that data trains a model or leaks across tenants, whose responsibility is that? The contracts will say yours. The reality is you had no visibility or control.

3. How attacker behavior will escalate in 2026

The next evolution in attacker strategy will be AI-powered social engineering at scale. Today’s business email compromise (BEC) is still largely manual. Tomorrow’s is automated and personalized. AI scrapes LinkedIn, correlates with breached data, and generates contextually relevant messages for thousands of targets at once. Each one referencing real projects, real colleagues, real details. Attack quality goes up. Volume goes up. Current defenses are calibrated for neither.

4. Why compliance will have to extend beyond email

A major compliance shift is coming for regulated industries as regulators begin questioning why email is compliant, but other business channels are not. Organizations spent years building email retention, disclaimers, legal holds, and audit trails, then moved half their communication to Teams and Slack with none of that infrastructure. Financial services, legal, and healthcare all have strict requirements around communication records. The regulatory expectation is forming and extending compliance controls across all digital communication channels is no longer optional. I believe enforcement will follow.