How secure are your sensitive video calls?
The BBC reports that Germany has admitted to a hack by Russia of a military meeting where officers discussed giving Ukraine long-range missiles, and their possible targets. https://www.bbc.co.uk/news/world-europe-68457087 Elsewhere it was reported that British forces involved with transporting the missiles could therefore be at additional risk.
It has been confirmed by the German government that the call was authentic and, has been leaked by the Russians on the dark web.
There are so many levels on which this worrying story gives rise for concern. Not least is the highly insecure practice of using a non-secure channel for discussing military secrets. And it comes hot on the heels of a story that broke in January that US security company Ultra Intelligence and Communications fell victim to a cyberattack that, amongst others, affected the Swiss Air Force, when thousands of documents were stolen and made available on the dark web.
This isn’t necessarily a case of Russian intelligence being particularly clever, by not using a secure communications platform designed specifically to protect sensitive conversations, people are making it easy for them!
For protecting the most sensitive of conversations, such as the military secrets discussed in this instance, there are highly secure, on-premises communications solutions that could have been used. By running an on-premises solution organisations significantly reduce the potential attack vectors, as well as keeping total control of every aspect of their sensitive communications,
Armour Unity secure video conferencing
One problem facing many security conscious organisations is how employees handle data of mixed classifications. When sharing information that can be OFFICIAL, OFFICIAL-SENSITIVE, NATO Restricted or even SECRET, what are the appropriate/approved collaboration tools to use? And, how do you ensure data sovereignty.
Armour Unity™ provides an alternative to consumer grade applications. Unity delivers secure conferencing in an easy-to-use app for mobile and desktop use, with enterprise security features not provided by free-to-use consumer products including a choice of cloud or on-premises installation to ensure data sovereignty. Unity is available in several configurations to ensure the level of security matches the sensitivity of the conversation. Unity combats the issue of ghost callers that may eavesdrop on sensitive conversations by highlighting to all users whether a participant has joined the call via an app, or securely via a browser –browser options often increase vulnerabilities.
Award-winning Armour secure communications
- Given its multi-domain, multi-organisation structure with strictly siloed security Armour can augment and broaden secure communications and collaboration capabilities.
- OFFICIAL SENSITIVE collaboration can be provided via Armour’s Secure Cloud extending to include desktops, workstations and unified comms systems.
- The Armour installation can be hosted and managed on-premises to give the organisation total data sovereignty.
- All users of the Armour ecosystem are centrally managed, and only those invited are able to join a communications group.
- Identity-based encryption and authentication means that users can be confident that they are communicating with trusted colleagues, rather than impostors.
- Remote wipe means that all sensitive information can be removed from the Armour ecosystem should a user or a device be compromised.
- The organisation keeps control of its data because messages and documents cannot be forwarded to third parties outside of the platform.
- Message Burn enables the sender to set a message to self-delete after a specific time either after it has been sent, or after it has been read.
- Central admin can set all messages for all users to auto-delete after a set period, for example, 7 days, or a month.
- Armour Recall™, a secure audit capability, is available as an additional service, where conversations and associated files are archived for future reference by a suitably security-screened auditor. The files are securely preserved even if the original messages have been deleted or lost.
Not on the High Street
This type of robust secure collaboration is not available from mass-adoption communication tools such as MS Teams, Zoom, GoogleMeet and WebEx. They all claim end-to-end encryption, however, as we’ve mentioned on numerous occasions, there is a lot more to security than just encryption. When looking for a secure communications solution there are multiple aspects to consider. Understanding the likely threats in this environment and solving each one combined with providing an application that is as easy to use as, say, a consumer application, is key to most organisations’ decision making. This is an important point made by the UK’s National Cyber Security Centre (NCSC) Seven Principles for Secure Communications. For more information on this topic, read our blog: https://www.armourcomms.com/2021/04/21/replacing-whatsapp-advice-from-ncsc/
Armour® provides highly usable and engaging solutions, so your users will have no reason not to use them. Our Buyer’s Guide gives advice as to what you should be looking for: https://www.armourcomms.com/2023/06/29/securing-communications-channels-a-buyers-guide/
