The Drive for Secure Communication

secure communication

Steve Whiter, Director, Appurity looks at forms of communication, the security risks involved, and how this has evolved.

The way we communicate has evolved dramatically since the invention of the telegram back in the 1800s. Another evolution (of sorts) has been largely brought about by the challenges of COVID-19. The global pandemic saw global institutions having to adapt to an entirely remote working model, almost overnight. In addition, the number of communication tools available to organizations and their employees has taken off in the last 18 months or so. This is especially true of the likes of WhatsApp and Zoom, for example – once used almost exclusively for personal use but driven into the hands of enterprise as an answer to the communication challenges of a largely disparate workforce.

And so, with more flexible working patterns, With workers no longer tied to an office desk and with technology providing the support for people to work from anywhere, what are the challenges from a security perspective? What problems arise when you increasingly blur the (technological) lines between your work and your personal life?

As we have seen, technology has been a great enabler when it comes to dealing with a predominantly remote / working from home (WFH) workforce. Organizations of all shapes and sizes and in every sector imaginable, have relied upon technology to keep their people connected, communicative, productive, and secure.

A great example of this is the smartphone (smart device). In the UK alone, it is projected that the mobile internet penetration rate could be as high as 75%. This translates into big numbers of people that own such devices and use them constantly to access the internet. Smart device usage throughout the pandemic has likely increased considerably with the numbers of people remote working, WFH, etc. And herein lies a major security headache for organizations because many people simply assume that their smart device is safe and secure to use.

They tend to do things on these devices that they wouldn’t do on their office PC or laptop, for example. Remember, your phone isn’t impervious to cyberattacks and hackers can steal all kinds of sensitive data from these devices – and not just your personal information, if you are using your device for both work and play then any breach can potentially access proprietary company data. A perfect illustration of the negative outcome of when you blur the lines between work and play.

We mentioned some popular communication tools earlier, perhaps none more so than WhatsApp. Owned by social media giant Facebook, WhatsApp is the leading messenger app globally with an estimated 2 billion users. And whilst it started for many of us as a means to communicate with friends and family in our personal lives, it has successfully woven itself into the world of enterprise, especially so when so many of us have been WFH during lockdown periods.

But WhatsApp offers end-to-end encryption so it must be safe to use right? You might be surprised to learn that Signal (a WhatsApp competitor) is the best option for user privacy. It uses the least amount of data access compared to WhatsApp that collects all manner of data – Device ID, User ID, Advertising Data, Purchase History, Contacts, Payment Information to name but a few.

And it’s hard to talk about messaging security without talking about Pegasus. A joint investigation by Lookout and Citizen Lab revealed that this highly advanced mobile spyware had been used on business executives, human rights activists, journalists, and academics amongst others.

It came to light that NSO Group, an Israeli-based company behind the development of Pegasus and a leading figure in the spyware industry was in fact behind these hacks. It pushed WhatsApp to file a major lawsuit against the Israeli company whereby the messaging giant revealed that victims of the hack had received phone calls using its messaging app and were consequently infected with the Pegasus spyware.

Today’s mobile devices are very powerful. They can access the same data as a PC but from anywhere. This in turn massively increases the attack surface and risk for organizations. This is because many of these devices are commonly used outside of the organization’s security perimeter. Therefore, employees who can access sensitive company data or resources whilst using their device of choice, present a very attractive target for cybercriminals. Mobile phishing can be especially lucrative for cyber attackers with mobile malware delivered to victims via a phishing link – smaller screens on smart devices make it even easier for phishing success compared to if an employee is working with a larger screen (office PC or laptop).

Mobile security is therefore vital where devices and apps pose a major risk. Organizations must safeguard information in the cloud while providing better access to data. Building security from the start is essential. Endpoint security assessments will help you understand where your weak points are and what should be done. With the correct endpoint security, you can help your employees to protect their (and your) data, to stay securely connected, and uphold privacy and trust. On the basis that people can, and will, work anywhere and often use their devices for both work and play, organizations need to ramp up the security of their communications.

Click here to discover more of our podcasts

For more news from Top Business Tech, don’t forget to subscribe to our daily bulletin!

Follow us on LinkedIn and Twitter

How E-commerce Marketers Can Win Black Friday

Sue Azari • 11th November 2024

As new global eCommerce players expand their influence across both European and US markets, traditional brands are navigating a rapidly shifting landscape. These fast-growing Asian platforms have gained traction by offering ultra-low prices, rapid product turnarounds, heavy investment in paid user acquisition, and leveraging viral social media trends to create demand almost in real-time. This...

Why microgrids are big news

Craig Tropea • 31st October 2024

As the world continues its march towards a greener future, businesses, communities, and individuals alike are all increasingly turning towards renewable energy sources to power their operations. What is most interesting, though, is how many of them are taking the pro-active position of researching, selecting, and implementing their preferred solutions without the assistance of traditional...

Is automation the silver bullet for customer retention?

Carter Busse • 22nd October 2024

CX innovation has accelerated rapidly since 2020, as business and consumer expectations evolved dramatically during the Covid-19 pandemic. Now, finding the best way to engage and respond to customers has become a top business priority and a key business challenge. Not only do customers expect the highest standard, but companies are prioritising superb CX to...

Automated Testing Tools and Their Impact on Software Quality

Natalia Yanchii • 09th October 2024

Test automation refers to using specialized software tools and frameworks to automate the execution of test cases, thereby reducing the time and effort required for manual testing. This approach ensures that automation tests run quickly and consistently, allowing development teams to identify and resolve defects more effectively. Test automation provides greater accuracy by eliminating human...

Custom Software Development

Natalia Yanchii • 04th October 2024

There is a wide performance gap between industry-leading companies and other market players. What helps these top businesses outperform their competitors? McKinsey & Company researchers are confident that these are digital technologies and custom software solutions. Nearly 70% of the top performers develop their proprietary products to differentiate themselves from competitors and drive growth. As...

The Impact of Test Automation on Software Quality

Natalia Yanchii • 04th October 2024

Software systems have become highly complex now, with multiple interconnected components, diverse user interfaces, and business logic. To ensure quality, QA engineers thoroughly test these systems through either automated or manual testing. At Testlum, we met many software development teams who were pressured to deliver new features and updates at a faster pace. The manual...