Secure Messaging: it’s messaging, but is it really secure?
One of my pet peeves is reading an insightful article, reaching the last paragraph and seeing that it was all a pitch for a product or service that the author is pushing.
As such, I’ll be transparent and indicate at the start: this is a plug for an incredible technology by a company I advise, GlobeKeeper. The article will still be insightful, regardless if you’re a potential client for the platform or not. Read on.
Secure messaging, what is it, who needs it (do they need it?!), and what are the options?
What is it?
Ask ten people what secure messaging is, and you’ll get 12 answers, so I’ll provide my thoughts on characteristics of a secure messaging platform:
Sending data between two or more points, using a cellular/mobile device, whereby
- Personal information of involved parties remains anonymous or unidentifiable
- The content of the message is unreadable by unauthorized parties:
at the source
at the destination
en route between the source and destination
at the processing server
at the backup image - User’s log in details are not logged
- User organization has full sovereignty over the platform data and access
- There is no record, nor association of external (non-platform) accounts to the messaging account
- Messages are automatically deleted from the server, and the client (device) should malicious code be detected on the device
Who needs secure messaging?
I’m admittedly pretty old fashioned and subscribe to the adage “if it’s that sensitive, keep it off the internet”. Today’s reality, however, dictates that we, security partners, need to consider solutions to organizations that use text messaging platforms as a way to communicate what may be considered as sensitive information, whether security related, business related, or of a personal nature.
The more attractive a target the users are, and the more sensitive the message content, the higher the risk the messages are of being intercepted and the content being compromised, either on the devices, “in the air” or at the server side.
To simplify, I’d say, if your organization employs a CISO function, you probably want to consider how secure your messaging platform is, or isn’t.
Ok, so you want/need a secure platform, what’s out there?
There are all the usual suspects, which I won’t describe each, but will point you in the direction of a table produced by the US FBI which compares security features (compare with my list above as what is secure messaging). I will however point out, that in several of the existing platforms, it’s not really known who has access to the data, in fact, in some cases, it’s not even known who owns the platform or servers. If you or your organization considers an anonymous, or marketing-based service as secure, I recommend reassessing.
Excluded from the list is the GlobeKeeper solution, which answers all criteria listed above, including offering an on-premise option resulting in the client organization’s complete sovereignty and access control to the platform as well as an automated destruction of all messages from both the database (server side) and device should malicious code be detected by the GlobeKeeper app (client) on the device.
Currently, multiple government agencies, as well as several impactful corporations, are enjoying the benefits of a truly secure, truly sovereign platform by GlobeKeeper. Contact Globekeeper now to see how they can help secure your text based communications!
About GlobeKeeper
GlobeKeeper provides situational awareness by enabling users to transmit live video/audio streaming, share files, text messages and pictures — all in real-time and in a secure environment.