It’s a Bird, It’s a Plane, It’s… Your Instant Messages?
In today’s world, we’re all superheroes, fighting the good fight against the dastardly villains of cybercrime. Our trusty sidekick? Instant messaging apps. With great power comes great responsibility, and we must ensure our conversations remain secure and private. While recent advice from Wired offers excellent tips for individuals, organizations, especially those operating within the critical infrastructure sectors, need to step up their game. So, let’s put on our capes and evaluate Wired’s recommendations, but with an organizational twist.
1. The Encryption Enigma
Wired Advice: Use messaging apps that employ end-to-end encryption, ensuring only the communicating parties can read the messages.
Organizational Perspective: End-to-end encryption is like a secret decoder ring for messages, but organizations need more than just a toy from a cereal box. Apps like ArmorText offer user+device-specific end-to-end encryption, centralized policy enforcement, user management, and end-to-end encrypted audit trails. It’s like a utility belt for communication security and compliance.
2. Now You See Them, Now You Don’t
Wired Advice: Utilize the “disappearing messages” feature to auto-delete messages after being read.
Organizational Perspective: While this feature might be great for maintaining a secret identity, organizations need accountability. Automatically deleting messages could compromise investigations or audits. Organizations must ensure their communication platforms allow for automated compliance with retention policies. After all, even superheroes need to keep records.
3. Lock Up Those Conversations
Wired Advice: Lock chats behind a passcode or other forms of authentication to enhance security.
Organizational Perspective: While locking conversations is a good start, organizations require more comprehensive security measures. Consumer privacy apps often lack centralized user management and moderation, making it challenging to review user privileges, enforce multi-factor authentication, and monitor for unauthorized access. Organizations should opt for platforms that provide these centralized controls, like a high-tech fortress for your chats.
4. Who’s on the Other End?
Wired Advice: Control which users can communicate with you through messaging apps to limit exposure.
Organizational Perspective: For organizations, it’s vital to have stringent policies on communication channels and robust policies on who can communicate with whom and what information can be shared. This is especially vital for sectors like defense, energy, or government facilities where unauthorized communications could have national security implications. Organizations need communication platforms with governed trust relationships that define allowed communication channels, so your chats don’t end up in the wrong hands.
5. Backups: The Unsung Heroes
Wired Advice: Be aware of where chat backups are stored to avoid unauthorized access.
Organizational Perspective: Data sovereignty and storage security are crucial for organizations. With consumer apps, chat backups might be in plain text and stored in employees’ personal clouds, which poses security and regulatory risks. Organizations need to ensure that they use communication platforms where backups are encrypted, stored securely, and accessible for compliance and reviews under the organization’s control. It’s like having a backup superhero team ready to swoop in and save the day.
The Bottom Line
While the advice from Wired serves as a good starting point for individuals seeking to secure their personal communications, organizations must adhere to a higher standard. Navigating communication security requires a thoughtful and tailored approach, bearing in mind the unique challenges and responsibilities that come with operating in an interconnected and rapidly evolving digital landscape.
Organizations need solutions that offer not just end-to-end encryption but also the necessary tools and features for data retention, centralized control, and compliance. By adopting a more holistic approach to communication security, organizations can protect both their internal operations and the broader communities they serve, just like the superheroes they are.