“Apple does some very cool things and I’m constantly tracking all the patents they file around homomorphic encryption,” he says. “Most employees understand that there are times when their work needs to be recorded.”Īlthough Wallenstrom is disparaging about WhatsApp, he’s complimentary about Apple and its iMessage platform. “The trick is to ensure total transparency to the end user,” Wallenstrom tells me. ![]() The question is whether this inhibits team building in our new, fragmented working environment or better protects individuals from overbearing colleagues that break corporate rules or worse. The lightweight chatter between staff on WhatsApp is rarely replicated on email, Slack, Teams. The challenge for Wickr, though, is that it is an enterprise platform and users view communication on enterprise platforms as different to “private” alternatives. We have encountered multi-national organizations with sales operations relying on WhatsApp, despite a policy that specifically prohibits it.” “CISOs know the risk of employees conducting sensitive business on systems where the service provider is both listening and responsible for security. “The unsanctioned use of consumer-grade messaging apps like WhatsApp in corporate settings has created incredibly challenging shadow IT problems for organizations of all sizes,” Wallenstrom says. This is why DoD leadership is making a concerted effort to move troops away from WhatsApp and onto Wickr RAM-a product purpose-built for military-grade, secure end-to-end communications.”ĭefense and intel users is one thing, but these same risks have now materially escalated within enterprises. When members of the military, or anyone in the national security apparatus, use WhatsApp they increase the probability of critical information being exploited by bad actors. “Consumer products like WhatsApp have no interest in adhering to the compliance rules that govern a large organization. “Wickr is absolutely secure enough for the intelligence community,” Wallenstrom says, “and is currently sanctioned for use in special operations units and across the DoD, particularly in the warfighter community. Wickr RAM has been vetted and validated by the NSA as the only tool with full functionality to meet all security criteria… This is where it has unique capabilities that WhatsApp, Facebook, Signal and Telegram will never provide.”īut, despite this, WhatsApp is used extensively by military personnel. “The use of WhatsApp violates the strict compliance requirements across most government agencies like the DoD,” Wallenstrom says. Wickr RAM has brought this differentiation into a product designed for government use-open protocol, FEDRAMP-approved data hosting (planned for 2021), FIPS 140-2 compliance, mission data retention. The first time I came across Wickr-some years ago now, it was because it was the only off the shelf messenger accredited by an intel agency my company was working with. This is the difference between a security company like Wickr and a monetization machine like Facebook… The risks of a company trusting the likes of Facebook or Zoom with protecting critical IP or a warfighting unit from harm are simply too great.” This keeps us from making product decisions like the MP4 video file vulnerability in WhatsApp-a buffer overflow introduced because it made WhatsApp more fun and stickier. We then have third parties test our implementation and publish the reports. ![]() “We publish how to defeat our product and the steps we’ve taken to harden against these processes. ![]() “Being a security first company is important,” Wallenstrom tells me.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |