Data encryption is necessary to help protect your company’s valuable data. It’s also important when you need to keep your company’s communications secure. For this reason, you need to consider updating your company’s communications solutions to ensure the strongest possible security – which typically includes encrypted messaging.
When it comes to adopting an encrypted messaging strategy, there are several issues you need to address. Here are five key strategies your organization should employ.
1. Look for End-to-End Data Encryption
Encrypting a company’s messages is essential for keeping unwanted eyes off important communications. As security expert Bruce Schneir notes, “encryption is a critical component of security.” And the stronger the encryption, the more secure our data and communications.
Encryption technology essentially scrambles a message or other data and then protects it with a super-strong password. The encrypted message is unreadable until the password is applied to decrypt or unscramble it. The stronger the password, the less likely that the encrypted data can be hacked.
Some encryption techniques encrypt messages when they’re sent to and stored at the service provider, often in the cloud. The danger with this technique is that messages can be intercepted going to or from the service provider, or even hacked when stored on the provider’s servers.
For messaging purposes, end-to-end encryption is a more secure solution. The process encrypts the message as it is sent and does not decrypt it until it has been delivered to the recipient. This ensures that any entity intercepting the message in transit cannot read it. The message remains encrypted until it is decrypted by the recipient.
End-to-end encryptions ensure that cybercriminals, hackers, and other malicious third parties cannot access, steal, or share your company’s private conversations. It also protects your company’s communications from unwanted government inspection. (This actually happens; the National Security Agency has admitted to collecting more than 200 million messages a day both domestically and around the globe.)
Your company needs to adopt a strategy of strict end-to-end encryption and choose a messaging app that employs this method.
2. Look for a Multi-Platform Solution
The people in your organization communicate with each other in many different ways, using many different types of devices. It is especially true when it comes to messaging; some people use their phones, others tablets, still others use their laptop or desktop computers. Your company’s messaging solution must be able to work across all platforms and operating systems – Windows, MacOS, Android, iOS, even Linux.
According to StatCounter, Android has the largest market share of the operating system market, at 39.6%, followed by Windows (35.8%), iOS (13.8%), and OS X (6.1%). This means that a messaging app designed exclusively for use on mobile phones is useless for most organizations. The app must work across all phone and computing platforms. It must apply the same end-to-end encryption on all platforms and devices and must do so seamlessly. You need a messaging solution that does not exclude any device or platform used by your employees, vendors, or customers. It must be a multi-platform solution.
3. Look for a Solution That Deletes Old Messages
Your encrypted messaging solution is stronger if old messages are not stored forever, either on a central server or on individual devices. Stored messages, especially those that are not encrypted, are ripe for cybercriminals. Why bother intercepting a message in transit when you can steal it at its source, or in the cloud?
Consider where messages can be stored. Messages can be stored on their original sending devices – employees’ computers or mobile phones. Messages can also be stored on recipients’ devices. And messages can be stored at the service provider.
Messages stored at any of these points are likely to be unencrypted – especially employees’ personal devices. A malicious third-party gaining access to a single unprotected phone could gain access to all of the messages sent and received by that person.
For example, in November 2018, 26 million text messages were exposed in a data breach at a California-based communications firm. The messages were stored in a database in the company’s servers – and weren’t even password protected. If those messages had been deleted instead of being stored, they couldn’t have been stolen.
For that reason, your encrypted message strategy should include automatic deletion of secure messages, on all devices, such as Wickr’s “burn on read” functionality. There should also be no messages stored centrally on the provider’s servers. History, as it were, should be deleted before it can fall into the wrong hands.
4. Look for a Solution That Does Not Collect Metadata
In addition to deleting message content, your messaging solution should delete or simply not store metadata relating to those messages. Metadata is information apart from the message itself that includes data about the message activity – the identity of the sender and recipient, when the message was sent, IP address, device types, and more.
Accessing metadata can tell a third party quite a bit about a company’s communications. In the hands of a skilled cybercriminal, it can even suggest the content of the attached messages. It is unfortunate that many popular consumer messaging apps, such as Whatsapp, collect a bevy of metadata about every message sent on their services.
For these reasons, your encrypted message strategy should include solutions that either do not collect metadata or that automatically delete it upon message receipt.
5. Adopt a Solution that Integrates with Your IT Platforms
Ensuring your encrypted messaging app integrates with services and platforms your company already uses makes the set up process easy. Apps that support SSO, MDM and Active Directory help simplify deployment and ensure you control your data. Most importantly, when employees no longer need to remember a separate login and password, their use of a secure communications platform becomes seamless, and the entire organization becomes more protected as a result.
Wickr: An End-to-End Encrypted Messaging Solution
Wickr understands the value of secure messaging. Wickr is an open-source solution that offers secure messaging with state-of-the-art end-to-end encryption. Contact us to learn more about how Wickr can be part of your encrypted messaging strategy.
For ideal messaging solutions with end-to-end data encryption, download Wickr today!