The growing need for encrypted communications – TechRadar

Posted on by

Nowadays most of our communication is conducted online using messaging apps and services on our smartphones and computers. However, ensuring our messages remain private and secure has become increasingly difficult which is why business users and consumers alike are now turning to encrypted messaging apps.

At the same time though, the intelligence-sharing alliance Five Eyes and other national governments continue to call on tech companies to create backdoors which would give them access to users end-to-end encrypted communications. This would defeat the purpose of using encrypted messaging apps and services in the first place and put the security and privacy of users worldwide at risk.

To learn more about the benefits of encrypted messaging and how these tools can benefit remote workers, TechRadar Pro spoke with the co-founder and CTO of Wickr Chris Howell.

As a class, they represent the state of the art in privacy and security. The biggest thing end-to-end encryption (E2EE) does is it takes the app or service provider out of the equation from a message privacy perspective. If the service providers systems cant read your messages, then neither can one of their rogue employees or someone who manages to compromise their servers.

For one thing, the line between business and personal isnt so clear now that people are all reachable 24/7. Personal business is just as important as company business to most of us. Both aspects have suffered equally due to the industrys failure to provide meaningful security for communications applications over the years. E2EE was first popularized in consumer apps, and its only because it was so easy to use there that the demand for business use grew and more enterprise-grade tools like Wickr evolved.

Simply ensuring that data is always encrypted doesnt count. It has to be a form of encryption that cant be decrypted by anyone or anything other than the sender and receiver. If any system or device in the message delivery path between the sender and receiver can decrypt and read it (and use of technologies like HTTPS or TLS is a dead giveaway for this), its not E2EE.

The U.S. Air Force has a particularly strong vision to offer the warfighter a highly secure collaboration solution that can support the mission all the way out to the tactical edge. Of course, there are some specialized use cases out there, but at a base level, the military needs the same thing we all need - an easy to use unified communications tool they can count on to secure their sensitive communications.

Weve been fortunate in the past year or so to add smart folks like Blake and others to the team who bring with them decades of military experience from headquarters to harm's way. If were going to serve the warfighter, wed better understand what our product needs to meet the mission, how it will be used and on what systems, and how it will be tested, deployed and scaled. Their perspective is invaluable and is really helping us make our product the best it can be.

Most people are still shocked at just how insecure the communication tools we grew up on have always been. To some extent, the tide is turning, and I think more and more, the expectation will be that our communications - business or private - should be secure vs. the alternative. Demand in business will especially grow as private business is increasingly faced with more advanced threats, including international organized criminal hacking groups and even nation-states. The fact that E2EE solutions like ours can also now support regulatory compliance/message archival regimes and operate at an enterprise-scale has contributed to its growth as well.

More people working from home means more sensitive business is being conducted in virtual versus traditional conference rooms. The more we shift to virtual, the more data thats at risk to remote attackers. We saw it play out in the scramble to remote conferencing solutions last spring. Not long after the scramble came the uptick in security incidents as attackers exploited the weaknesses in solutions that frankly werent suited for many of the use cases being thrust upon them. The ordeal of the past year educated a lot of people in the importance of secure communications.

The main thing to keep in mind is different services offer different levels of protection. Most services will say they are secure and encrypted, but virtually all of them still have access to your data, I.e., are not E2EE. More and more services are seeing the light and adding E2EE, which is great, but not everyone can do it well, and theres more to security than just plugging in an encryption library. If security is an important requirement, make sure its even more important in the eyes of the service provider. It takes more than a checkbox to do it right.

See the original post here:
The growing need for encrypted communications - TechRadar

Related Posts
This entry was posted in $1$s. Bookmark the permalink.