The general attention to security, the increasing competition among messengers, and scandals related to the sale of user data stimulated the business owners to review the security of tools they use in everyday communication. In turn, it forces the developers to introduce additional means of protection, such as end-to-end encryption of transmitted data. Today, we will review five crucial security criteria for instant messengers used by enterprises.
Criteria of Safety
Considering that instant messengers are widely used to transfer confidential data, both in personal and corporate communication, having gained access to the messenger, an attacker will surely find information that will be of interest to them. We used to think that hackers are only interested in logins, passwords, and bank card numbers. In fact, any information about us can be used by a fraudster, at least for phishing or social engineering. We should also not forget about the special services, which seek to control everyone and everything. The loud scandal with the attempt to hack the iPhone by the FBI is vivid proof of this.
But what are the signs that one or another instant messaging program can actually provide privacy on the Internet? Experts identify several main functions, the presence or absence of which should be paid attention to when choosing a corporate messenger:
Usually, messengers send info in encrypted form in order to avoid interception at the moment they pass through communication channels. End-to-end encryption implies that not only correspondence is encrypted, but also all other information that users exchange in the process of communication: documents, photos, videos, and music.
Access to messages by the service provider
It is much safer if the company that owns the messenger does not have access to users’ messages. To do this, they must either be encrypted with algorithms that cannot be decrypted from the server or simply not stored there. The first approach uses WhatsApp messenger, while the second is used by applications such as Wickr and Threema.
Automatic message deletion
Some secure messengers for Android and iOS have the function of completely deleting the correspondence – it disappears after a certain time after reading it. Automatic deletion can be implemented by default or as a configurable option – just like in secret Telegram chats.
Most of the popular messaging programs have a closed, proprietary architecture. Therefore, even those who are in programming find it difficult to verify whether the encryption and security are really the same as the developers of the program claim.
Data required for registration
In order to create an account, the messenger usually asks the user for confidential information. This data is already enough to compromise the privacy of its customers and corporate secrets if a service provider is hacked. So, the less data is required for registration – the better.