23 years
97.9 Customer Satisfaction Score
200k Tickets Closed
83% resolved remotely
97% Resolved within SLA Goal

Messaging applications have carved out a foothold in businesses, clearly proving their operational benefits. However, it simply isn’t responsible to leverage a solution without making sure that the solution is secure. There are a few criteria that you should consider to determine how secure your chosen application really is.

The Criteria
When evaluating your messaging solution, ask yourself:

  • Are my messages encrypted (and how encrypted are they)?
  • How transparent is the application to scrutiny?
  • How are messages deleted?
  • How much metadata is kept?

We’ll review why these questions are the important ones to ask.

Are my messages encrypted (and how encrypted are they)?
Encryption is a method of scrambling data so that it is incredibly difficult to interpret, accomplished through an algorithm known as an encryption key. Without going into too much detail, this makes any data that has been encrypted extremely secure.

Most major messaging applications use encryption today, but not all of them follow the most secure practices.

For instance, applications like Google Hangouts and Skype encrypt the messages that their users send… but also retain a copy of the encryption keys. This is so they can access the messages sent and collect data to power advertising. This also means that your data is left vulnerable if a cybercriminal makes their way into the application’s servers, or if the government waves a search warrant at them.

More common, fortunately, are apps that utilize end-to-end encryption, where the application only holds the keys that encrypt the data, accessible by the users. The users, on the other hand, hold the keys that decrypt the data again. As a result, not even the company hosting the messaging application can access the contents of their users’ messages, nevermind cybercriminals or law enforcement. WhatsApp and Signal are two apps that now leverage this approach. In fairness, Skype does offer this capability as well in its Private Conversation feature, but it isn’t enabled by default.

How transparent is the application to scrutiny?
Taking the developer at their word is one thing… it’s quite another for independent and impartial experts to be able to confirm the claims that are made about an application’s security. For this reason, applications based on open-source code are generally more trustworthy, as they are scrutinized by experts who discover and report any vulnerabilities.

A few applications provide their source code openly, including Signal, Telegram, and Wickr, while WhatsApp and Facebook Messenger don’t quite qualify but are based on the open-source Signal protocol.

If an application is closed-source, like iMessage is, a user is entrusting the developer completely to maintain the security of the messages sent.

How are messages deleted?
While sending a message securely is key, the security of the message once it reaches its destination should not be overlooked. After all, if someone without authorization gains access to the device later, encryption isn’t going to do squat to protect your data. However, if you are able to delete the message after it is delivered, security is suddenly much more likely.

Skype, Telegram, and Signal all allow a user to do so. In fairness, so does WhatsApp, but it needs to be deleted within 13 hours.

Some apps feature self-deleting messages, described under various names, that destroy themselves after so much time has elapsed. Signal has “disappearing messages” with a customizable time. As we have established previously, not all apps offer the same functions, and this does nothing to delete any screenshots of your message that the recipient may have taken.

How much metadata is kept?
In addition to the contents of your messages, you want to know that your chosen application is also protecting your security via the metadata it stores. Metadata can contribute to security issues through user profiling, as it includes things like the identities of both sender and recipient of a given message, when communications were made (and for how long), IP addresses, and even the kinds of devices used. In short, it can say a lot about you.

This is precisely why you want to make sure you know what data your messaging application will collect, as well as what it will preserve. This site offers a handy breakdown of many popular applications, broken down side-by-side.

Hopefully, this information will enable you to make the best choice for your business. For more assistance with your business’ security and operations, Palindrome Consulting has the IT solutions that you need. Call 305-944-7300 for more information.

Schedule your No-Obligation IT Assessment with Palindrome Consulting

Schedule Now

Elizabeth Mitrani
Elizabeth Mitrani
17:23 06 Aug 19
Palindrome Consulting was key in establishing my business and helps me keep it running. They are the consummate... professionals, incredibly knowledgeable and are always available to help. They have gone above and beyond to ensure that I was up and running quickly and that any issues that may arise on my end or dealt with immediately. I highly recommend Palindrome Consulting.read more
Moshe Rubinstein
Moshe Rubinstein
14:57 28 Jun 19
They are there every step of the way. Responsive and timely. The full service mentality mixed with the problem solving... abilities, is what makes them an easy choice.read more
Benjamin Wainberg
Benjamin Wainberg
14:09 28 Jun 19
Palindrome Consulting is customer centric. For Palindrome Data Safety is paramount; they keep their and our systems... updated with the newest technologies and are not shy at changing to better alternatives. Their platforms are always running and in the odd case there is an event, their technical team has an awesome response time.read more
Copier Man
Copier Man
13:56 28 Jun 19
We have been using Palindrome since 2005. They make my company feel like we are #1 all the time. Expert staff are... always available to help all my users all around the country.read more
Martin Feldman
Martin Feldman
16:43 26 Jun 19
As a partner in Fischer & Feldman, P.A. we have utilized Palindrome Consulting as our IT experts for many years. In... addition to keeping our server up and running, they are available to consult on the everchanging cloud and web landscape. We could not function as a successful law firm without their constant care, attention and almost IMMEDIATE RESPONSE TIME.read more
Rebecca Fischer
Rebecca Fischer
16:39 26 Jun 19
Palindrome has been my IT company for more than 15 years. We have been through four server and computer replacements... over the years all of which went smoothly. As technology has changed Palindrome has kept us current in their recommendations and are extremely responsive when we run into a software or hardware problem. We have been through hurricanes with Palindrome and felt confident they would have us up and running as quickly as possible and despite the fact we are probably a smaller client, they have treated us as one of their most important clients. I highly recommend Palindrome and have complete confidence in their capabilities and service. They have even gone the extra mile when we wanted to donate our old computers to a children's special needs school and delivered the computers, set them up and provided service for the same. Ilan Sredni is the consummate professional and has surrounded himself with top professionals and skilled technicians.read more
Nelson T
Nelson T
20:32 25 Jun 19
Palindrome Consulting has proven itself time and time again to be the epitome of professionalism and technical... expertise. They take the time to listen to your needs and then apply their wealth of technical knowledge to create truly innovative and robust solutions. They truly deliver piece of mind.read more
Next Reviews
js_loader