Free apps open the discussion, but businesses need more from their secure messaging tool than free
Free secure messaging apps—the usual suspects people download when they realize how insecure email other chat apps are—are essential to the messaging encryption industry (and you can learn more about this in our secure messaging app landscape post).
We believe the more people who are aware of private and secure encrypted messaging app options—and understand the absolute need for them—the better. But the truth is if a business wants to commit to secure messaging, the usual suspects aren’t good enough and will cause headaches. The usual suspects don’t come with support. The usual suspects rely on you ensuring your device is secure.
The usual suspects don’t worry about anything outside of their app—like protecting your network connection. For a business, for people who need absolutely secure messaging, the usual suspects aren’t going to cut it. This is where business-grade solutions, such as SKY ECC and our app features, fit in. Here’s how it pans out.
Which encrypted messaging app to choose?
Everyone comes to the encrypted messaging app discussion with their own favorites. Maybe they have an established contact list and don’t want another app. Maybe it’s a technical preference for one protocol over another. Wherever people are coming from, it’s usually not with the best long-term choice for a company in mind. Why would it? If you and your friends are chatting with each other, thinking about how an app would fit into a corporate environment isn’t top of mind, and frankly that’s okay.
The problems creep in when you take your preference for one free app or another and bring that to work. Picking an app among friends is one thing. Picking an app you’re using to protect your business communications and data is another. You shouldn’t base the choice solely on personal preferences or cost (i.e. free vs paid).
What should go into the decision? Dr. Galina Datskovsky hits a few of the big ones here in this excerpt from her post:
Consumer Messaging Apps: A False Sense of Security for Business. Unfortunately, since consumer-grade messaging applications weren’t initially designed with the intent of organizational use, they are not adequately equipped to provide the security required for business. Although end-to-end encryption protects against outside monitoring when messages are in transit, consumer-grade messaging applications provide no protection against someone screenshotting, sharing or forwarding a message to an unintended recipient. This means that once a message is received, it can be leaked with relative ease. The fact of the matter is that encryption, in and of itself, only goes so far to keep communications protected. (Think that deleting data means hackers can’t see it? Think again: Never Really Gone: How to Protect Deleted Data From Hackers.) From: Security Boulevard
Consumer-grade apps skew towards the convenience side of the convenience vs security continuum. This isn’t a bad thing. Successful mass-market secure communications apps have to be easy to use. You need to eliminate any friction between downloading the app and starting to use it. Most of the free end-to-end encrypted apps I’ve tried (and I’ve tried nearly all of them), are easy to use and you can be chatting with people quickly. Not a bad thing, but once you start using the app and run into problems, consumer-grade apps let you down.
Commercial and business-grade apps aren’t any harder to use or deploy than their consumer counterparts. The difference comes down to the extra things you get then you are paying for a solution. Things like support. Things like dedicated infrastructure. Things like thinking beyond the app and to the entire communication environment. What should go into deciding on a secure messaging app for your business? Here are a few things we think you should consider.
What makes a good encrypted messaging app for business?
One of the most important decisions is how far down the convenience vs security continuum you want to go. Facebook Messenger, very convenient, not very secure. Consumer E2EE messaging apps (i.e. ones that can be downloaded for free from the major app stores), pretty convenient, pretty secure.
Farther down the line is making a personal device part of a managed device group (BYOD). This is a good option if you want to secure files and communications, but don’t want to make people carry two devices.
The next step down the line is giving people a managed company phone that is secure, but things like the camera, Bluetooth, and installing apps (with permission) are still enabled. This is the “you have to carry two devices if you want a work and personal phone”. Some companies allow employees to use the phone as a semi-personal phone (the company owns it, but you can treat it like it’s yours), but can become tricky for both employees and the company.
The next—and probably last in the “secure as practical and not resort to carrier pigeons” line—is a locked-down device that is for encrypted communications and nothing else. We are fully in carrying a second device territory now and locked-down devices typically restrict features like Bluetooth, installing apps, using the camera, screenshots—anything that could present a vulnerability.
These aren’t extreme precautions. Many industries working on sensitive intellectual property, complex negotiations, or with personnel traveling to countries where electronic surveillance is common need this degree of protection and security. Things to consider in your secure messaging solution for your business:
- Do you need locked down, secure devices or are off-the-shelf devices okay? If you only need support for files and BYOD, off-the-shelf devices will suffice, but for sensitive discussion premium secure devices are a must. There have already been cases of supply-chain attacks inserting malware at the factory into budget Android devices. Secure messaging solutions should be installed on devices that have superior hardware and software protections against tampering.
- Do you only need to manage data on devices with company data or do you need a messaging solution? Managing data only falls under Device Management Solutions, secure messaging brings in considerations of who people should be able to contact and how restricted the devices are.
- BYOD or company-owned and managed devices? The best secure messaging solutions like SKY ECC are best for company-owned and managed devices. BYOD devices with company data should also be managed, but don’t need to have secure messaging to protect your business. Device management with BYOD protects company data on personal devices and is a must-have for regulated industries.
- Do you have data retention requirements? Secure messaging solutions with self-destructing messages might not be compatible with some industries.
- Do you need to collaborate or share files?Device management solutions provide collaboration and file sharing in addition to options for secure messaging.
- Do you need desktop and mobile solutions? Protecting data across your entire workforce means putting laptops into the equation. Most secure messaging apps are mobile-only, but this doesn’t mean you shouldn’t ensure laptops with company data are left unsecured.
- Do you need a solution that can be used internationally? Many secure messaging solutions rely on mobile data or Wi-Fi, outside of North America and Europe mobile data and Wi-Fi aren’t secure and a solution like SKY ECC that protects your network connections wherever you are is essential.
- What support options are available? Free apps offer “community support”, which means help might not be there when you need it or give you reliable answers to your questions. Businesses need 24/7, professional support like SKY GLOBAL offers on its security solutions.
- What devices do you need to support? There is no reason not to support Android, iOS, MacOS, and Windows devices—just as long as the devices pass rigorous security checks.
- Do you have industry-specific apps or workflows that need to be supported? A Device management solution like SKY WORK can push required apps even to personal/BYOD devices.
SKY GLOBAL offers both fully-managed universal endpoint management/mobile device management (SKY WORK) and secure communications devices (SKY ECC). All our solutions come with 24/7 support and work on Android, iOS, MacOS, and Windows (SKY ECC is mobile-only available on both Android and iOS). You can get in touch with us and get detailed product information on the entire SKY GLOBAL Security Suite, or check out what’s on the store:
If you’re interested in the absolute best encrypted messaging app available—and have a network of people who feel the same way—consider joining the SKY ECC Partner Program and start building a business helping people and businesses secure their communications.