As if you, your admin, office computer whiz and your IT team didn’t already have enough threats to securing communications and keeping personal and business data protected.
In 2016 and 2017 we experienced more hacks, attacks, data breaches, exploits and cybersecurity threats than any of us could keep track of. One recent, little-noticed exploit — but nonetheless extremely dangerous and impactful — was when hackers found an old security opening in standard copies of Microsoft Word applications, which sit on virtually all of our personal and business desktops.
In case you haven’t yet heard about this Microsoft exploit — or, if you’re reading this post a few months after it happened — chances are you don’t even remember this attack because hackers have already launched a dozen more since. The exploit or hack leverages an old Microsoft Office feature called DDE (Dynamic Data Exchange), which has been used in the wild to distribute malware to unsuspecting users.
According to news reports, the hack requires unsuspecting recipients of the malware to click on a phony dialogue box or phishing email, which then executes the malicious code and potentially steals or extracts data from the victim’s machine. High-profile victims include mortgage giant Freddie Mac.
One obvious lesson from this latest malware attack is to make sure all of your security software is up to date as well as regularly check if new updates have come out. If you work in an office, getting your employees trained to watch out for potential hacks and cyber schemes — both on your company-issued devices and personal devices that they bring into your network — is costly but can save your company in the long run. Another important lesson is to revisit your IT team’s own practices for ensuring secure communications and secure messaging on all devices — company issued and personal — across your organization.
If you missed it, you might want to review our recently published post on “Best Practices for Secure Communications and Messaging,” to help you get started. This post will dive in a bit deeper to explore 10 secure tools and apps for protecting your communications beyond the standard Office products that we all know, use and love.
We’ll offer our picks for the most secure apps for many of the most common types of messaging, collaboration and communication that you and your employees can use at home or in their standard day-to-day workflow. After all, if even your plain-old MS Office package could be vulnerable to hackers, it might be time to beef up the security of all of your commonly used apps, tools and business solutions.
The Best Apps for Securing Your Message Communications & Data
Before jumping into our list of the most secure messaging and communication applications, it’s worth noting that most of these apps are primarily designed for individuals and small to medium-sized businesses, companies that don’t have (and, in most cases, don’t need) a large-scale in-house security infrastructure. A few of the apps listed below, however, do offer enterprise-level packages — including our own cloud fax platforms eFax Corporate and Sfax, which also have enhanced security and regulatory compliance features. Of course, it’s a good idea to contact the developers of each app to explore their security capabilities and to make sure they meet your individual personal or business needs and goals.
SECURE TEXT AND VOICE APPS
Wickr’s secure messaging is part of a larger suite of collaboration tools that include private-team chat rooms as well as secure online video and voice. What makes Wickr’s messaging app so secure is that it includes end-to-end encryption, it allows business users to set messages and other data to self-destruct after a specified timeframe, and it even offers remote wiping capability that lets company administrators remotely erase corporate data stored on Wickr apps on staff mobile devices.
Note: Wickr offers apps for both small businesses (Wickr Pro) and even enterprise users (Wickr Enterprise).
Signal is a pure-play text-messaging solution — and it’s often described as the most secure app of its kind.
Like Wickr, Signal’s messaging app uses end-to-end encryption. But Signal is also built on an open-source code base, which means its inner-workings are regularly peer reviewed and audited by coders — and that means its security protocols are generally up to date and state of the art. However, as with other open-source-based products, vulnerabilities such as the infamous ‘Heartbleed’ bug can still be introduced inadvertently, so make sure to always update the app when a new version is released, and if you are a heavy user, follow their developer change logs for updates.
SECURE EMAIL APPS
Even though its user interface is simple, streamlined and easy to use right out of the box, ProtonMail’s backend platform features a complex and seemingly impenetrable series of security measures.
Because the decryption of messages sent and received through the ProtonMail service happen in the browser, ProtonMail’s own servers store only the encrypted version of its customers’ emails — and there is no key for decoding these messages on the servers, either. Also worth noting: ProtonMail allows customers to exchange secure email messages with any email address — not just other ProtonMail users.
Like ProtonMail, MailFence encrypts and decrypts its users’ email messages in the browser. As the company’s website explains, this means “It is impossible for anyone (including us) to read your emails along the line.”
As secure and easy to use as MailFence is, however, it has one drawback: Users can send messages only to individuals or businesses using the OpenPGP encryption standard (which MailFence itself is built on). Still, this is one of the most secure email apps on the market today for businesses.
We all once viewed Gmail as a personal webmail service — essentially a more sophisticated version of Hotmail, and cooler because it’s a Google product. But Gmail is now increasingly being adopted by businesses as a corporate email solution. Indeed, although many companies don’t realize it, the Gmail-for-business service allows companies to use Gmail’s platform with their own domains, allowing them to use their own corporate email addresses for their employees — name@ABCcompany.com — rather than an @gmail.com address.
And because it’s a Google product, you know that Gmail enjoys the same levels of heightened security and hyper-vigilance against cyberattacks and malware that Google’s security team applies to all of its services.
But this is not to say that Gmail is entirely free of security vulnerabilities. Hackers have discovered weaknesses in the past, and more recent reporting has found hundreds of thousands of Gmail accounts had been hacked and were being sold on the dark web.
SECURE VIDEO APPS
(Yep — that WhatsApp)
Don’t let the minimalist interface and casual style of WhatsApp fool you: The company’s security protocols are all business. And the world-wide instant messaging and VoIP application now supports video communications as well.
Developed in collaboration with encryption protocol experts Open Whisper Systems (whose technology is endorsed, if you can believe it, by Edward Snowden!), WhatsApp provides advanced, end-to-end encryption for all of its users messages — from texts to photos to video calls.
In fact, on the “Security” page of its website, WhatsApp explains that when you communicate with anyone over its platform — whether sending an image or conducting a live video chat — that data is secured with a lock that no third party (not even WhatsApp itself) can open. Indeed, WhatsApp creates a unique lock and key — accessible only to you and your recipient — for every message sent over its platform.