The lack of end-to-end encryption in Skype has long been a concern for security conscious business users. However, in August 2018 Microsoft announced the availability of Private Conversations, offering users the ability to protect chats, calls and file sharing with end-to-end encryption built on the Signal protocol.
We’ve spoken about the importance of secure client communications before. From an accidental leak of information, to a malicious cyber-attack, compromising client confidentiality can result in the sort of reputation damage that can be hard to come back from. But while organizations understand this, too often we find employees defaulting back to less secure communication methods. Why? It comes down to two key factors.
Nowadays, the press doesn’t have to look too far for the next cyber attack story! Whether it’s the surprise theft of customer data, like British Airways suffered this year, or a fresh Facebook hack, if there’s one thing we’ve learned this year – no one, regardless of size and sophistication, is immune to attack.
When Maersk, a global leader in shipping and logistics, was hit by the NotPetya ransomware attack in 2017, it not only found itself unable to manage day-to-day operations efficiently, but also unable to effectively inform the markets and its stakeholders of its response. Combined, the financial impact of NotPetya on Maersk is estimated to have exceeded USD$300m.
Whether it’s a malicious cyber attack, or a complete system outage; when disaster hits your network the immediate priority is to maintain business operations and resolve the issue. However, what you might not realize is that during this recovery period your business could be at even greater risk of a data breach, or malicious attempts to eavesdrop on your confidential discussions!
Has your business chosen an appropriate communication and file sharing tool that can be relied upon in the event of a complete network shutdown? While many businesses maintain a business continuity plan to help them assess potential threats to their organizations, surprisingly few specify the communications tools that should be used in the event of malicious cyber attack (or other a system outage), that renders the corporate network unavailable.
For CIOs and IT teams, the debate over which secure enterprise messaging app to use is typically fought over the level of security on offer. However, for business users, the decision is often less clear, and typically the result of poor understanding. New research has highlighted that many people remain unclear over the level of protection offered by secure, end-to-end-encrypted (E2EE) messaging apps, when compared to basic services such as SMS text messaging (and even phone calls).
The answer is: “Yes, but it depends on the app being used!”. Public sector employees are no different to their private-sector counterparts in that they’re demanding more modern, mobile solutions for collaboration and communication. However, without clear direction from ICT leaders, many are becoming reliant on consumer-grade tools that put data, and digital compliance, at risk.
Any talk of security usually defaults to external threats. But what about threats from inside of your firewall? How often do you consider those? Of course, no one likes to think of their employees as untrustworthy, but the reality is that employees are responsible for 54% of data breaches. And while many of these threats are simply down to negligence (an employee being compromised by a phishing attack, for cexample), a large amount involved malicious intent.
