We are delighted to be awarded the Queens Award for Enterprise International Trade 2021
Many of the customers who bought our technology did so because they were required by regulation to ensure their voice/video/messaging protected data for GDPR and other financial compliance. So what exactly are the dangers of consumer (ie. free) apps? And what does Armour provide that the free apps don’t?
Encryption is rarely the weakest link
Encryption is (or should be) a given, it is rarely the weakest link, and therefore rarely the attack vector. The dangers in using free apps for business revolve far more around how your sensitive data is managed, where it goes and who has access to it.
Armour encrypts all data at all times, wherever it is held, including attachments and signalling (used to initiate the communication).
Consumer apps need a GSM number to use as the ‘secure number’. This number is used to send activation codes in clear text via an SMS message. This is easy to intercept and can compromise any security before it is even activated, additionally when using BYOD, it means everyone in the organisations knows your personal phone number, which could be open to abuse or nuisance calls.
Within Armour any unique number/name/email can be used as a ‘secure number’.
Harvesting your data
Consumer apps run on the vendor’s infrastructure only, and even if the content is protected (by encryption), the metadata of each call or message is visible to the vendor. Together with uploading all your native contacts this can be cross matched with other user information to build up a detailed picture of user habits, geo-location, and common friends/contacts, which can be used for profiling and targeted advertising. Or sold to third parties for a similar purpose.
Armour utilises a subscription business model, so there is no need to upload native contacts or harvest user metadata in order to make a profit. For added privacy Armour offers an on-premises option so only your organisation has access to who can use the system and when, how often and with whom they communicate. If you need to provide historic data for compliance purposes this can be accommodated through on-premises archive and retrieve capability.
Securing your Communities
Consumer apps run on the vendor’s cloud and work in a single global group community where anyone can call anyone if you know or guess their number. Furthermore, it can put users at risk of phishing scams sent from within the messaging app, which can be perpetrated by anyone who has access to a list of valid GSM numbers, whether obtained legally or from the dark web.
At Armour we offer a closed group of known users, protecting the group by ensuring each user is authorised to provision. We use the concept of communities (cryptographically separated) to further divide the closed group to allow for supply chain communication and protection, allow-listing these communities where necessary to enable communication.
In addition, third party certification, Intelligent Support and advanced security features, such as protecting use on jail-broken phones are all benefits of the Armour solution which will not be found on consumer solutions and even some well-known enterprise apps!
When protecting your voice/video and messaging data, security does not mean compromising on ease of use or compromising with regulation and compliance.