100% on the safe side
The most necessary security settings for a messenger for organisations
Crisis situations can be manifold these days. Whether it is the implementation of hybrid work caused by a global pandemic or the increasingly frequent cyberattacks on corporate IT infrastructures - all digital IT systems must be protected against emergencies under all circumstances.
Hybrid work is the latest trend. Particularly employees who spend more time sitting at a desk than being on the move want to be able to work from anywhere – regardless of whether it’s in the office, home office or remotely. A similar principle applies to mobile workers, of course. While this does not change their daily work routine, those who have been partially excluded from corporate communications in the past due to a lack of communication channels in particular should benefit from a hybrid communication model just as much as location-independent office workers. Mobile communication channels, such as our business messenger Teamwire, make it possible to include all employees in communication and connect them with each other via text and voice messages as well as video calling for communicative arrangements.
However, location-independent working as a result of the digital transformation is unfortunately not only an opportunity, but also harbors dangers. A hybrid form of work opens up even greater attack vectors for cybercriminals, for example through the use of unauthorized (communication) applications or through connection via virtual private networks (VPNs). Thus, the number of cyberattacks on companies per day is steadily increasing. In addition, the current situation surrounding the Ukraine crisis, the topics of cyber security and secure communication in crisis and emergency situations have increased once again.
To be prepared for hacker attacks, more and more companies want to better protect their IT infrastructure and communication systems to close security gaps. On the other hand, to ensure end-to-end communication, they need failsafe and stable server environments that are independent of foreign cloud providers, as well as provide protected communication channels for collaboration on all end devices.
In this context, it is hardly surprising that a new security model has been established that companies should follow for even more cybersecurity: the Zero Trust model. At Teamwire, we welcome this development, as it has always been our mission to enable optimal communication for all employees of a company – Secure. Simple. High-performing. This means smooth communication with the greatest possible data security and sovereignty. In doing so, we rely on the Zero Trust model, both from a product and a company perspective.
First, let’s explore what Zero Trust is all about and make the Zero Trust model a little more tangible. Zero Trust assumes that absolutely nothing is secure – no matter what tool or platform; not even behind the corporate firewall. Therefore, under the Zero Trust model, every request is checked as if it came from an openly accessible network. The principle of “trust is good, control is better” applies. Before access is granted, the request must be fully authenticated, authorized and encrypted. At the same time, it means verifying identity and checking the state of the end device. Lowest possible access rights help contain propagation in the system. Comprehensive business intelligence (BI) and analytics help better secure the digital environment by detecting and mitigating anomalies in real time. This makes it much more difficult for cybercriminals to access data or cause damage.
The Capgeminie study “IT Trends 2022” (available in German) also confirms that the Zero Trust model is currently one of the most important technologies. Zero Trust is ranked second out of 10 technology trends. According to the study, almost 20 percent of the CIOs surveyed are currently implementing it. That is twice as many as a year ago. Around a further quarter are also planning to implement a Zero Trust model before the end of 2022.
The Zero Trust model is essentially based on the following three principles:
Authentication and authorization must always include all available data points, such as anomalies, data classification, device integrity, resources and location.
To fully protect data and remain proactive, it is important not to assign more permissions and rights than necessary. It is recommended to limit user access with Just-in-Time (JIT), Just-Enough-Access (JEA) and risk-based adaptive policies.
Zero Trust microsegmentation helps base security policies on a strong, machine-generated identity for individual workloads, rather than general IP addresses. This enables the use of technologies such as containers and microservices. Encryption and analytics also help protect data and detect and defend against attacks.
It is a fact that the time has come for a new security model that fits seamlessly into complex modern environments, incorporates the hybrid workplace and protects data, devices, applications and users at any place and at any time. Not only planned solutions, but also those already in use must meet the demand for zero trust. This also applies to communication solutions such as our business messaging app Teamwire because, as mentioned at the beginning, any solution, including a business messenger, could be used as a potential attack vector. At the same time, insecure messengers for private use – such as WhatsApp, Signal, and Telegram – are excluded from the outset. The reason for doing so is that consumer messengers are not sufficiently positioned in terms of data protection, functionality or technology with regard to zero trust, and they are reaching their limits in terms of cyber security and secure communication, including administration via IT.
At Teamwire, our core business is fast, secure, and confident communication via text and voice messaging, as well as video calls. We have always made no compromises when it comes to data privacy and security. Below, we’ve summarized aspects and features of our messaging app that are built on the Zero Trust model from a business perspective:
Increasing digitalization is accompanied by security risks – there’s no question about that. To improve cybersecurity and guarantee secure communication, a Zero Trust architecture is the order of the day. But Zero Trust cannot be implemented overnight. It is an ongoing journey that starts with simple first steps and improves processes continuously as well as iteratively. A messenger like Teamwire, which is based on the Zero Trust model, can provide companies with crucial support in this process.
Do you have questions about how you can use Teamwire as a zero trust messenger in your company? Then contact us and arrange a free consultation without obligation.