Users on Wickr Pro can now securely connect, video conference, and share files with other companies and teams including Wickr Me users
OCTOBER 2, 2017
I am excited to announce the launch of Wickr secure communication channels that allow individuals, small independent teams and enterprises to connect across the entire Wickr ecosystem, including with users on our free private messenger Wickr Me, while preserving ephemerality and privacy controls set by each company and sender.
Wickr secure communication channels (a.k.a. federation) are unique for both private messaging and mainstream collaboration platforms. No other private messaging apps allow for interoperability among separate networks on the same platform, limiting group connectivity due to complexity of encryption implementation for large teams. And no collaboration tool to date is built private by design to remove itself from ever being able to store or access customer data for stronger data protection.
While collaboration has become ubiquitous between teams and companies, the minute you communicate with someone outside of your secure corporate network, you assume the risks simply because you have no control over how data is protected on the other end of your conversation. It is especially true when important conversations take place on platforms built to incent high volume business communications stored server-side and therefore forever searchable and 'monetizable'.
“Wickr is improving the privacy and security of critical business collaboration streams by applying its core strengths - strong encryption and persistent ephemerality - to enterprise communications. The Wickr team is building the most sophisticated secure messaging platform on the market, helping companies run their business more efficiently, while significantly reducing their security risks and costs.”
— Jim Breyer, Founder & CEO of Breyer Capital & an early Wickr investor
Scalable Privacy Through Secure Channels Between Companies & Individuals
More and more we hear that teams doing critical work in business, security, government, R&D and other areas chose to rely on math rather than trust the good intentions of service providers. A great number of Wickr customers encrypt communications and data proactively, set expiration time to maintain good security hygiene, and verify participants in high-target communications. To them, this is just a smarter way to do business when they realize that the majority of communications don’t need to live forever on providers’ servers for someone to breach or monetize.
But how do you scale this security model for a company that has countless internal and external collaborators and teams without losing control over your network’s security?
Today, no business or organization can run in a vacuum, or within the confines of a corporate firewall. We all collaborate and share valuable information with outside partners and 3rd parties across many, often insecure channels. In fact, almost 80% of corporate IP is shared via email, putting sensitive deals, customer and financial information at risk of exposure.
Naturally, following 2016’s high-profile security breaches, secure communications have quickly become a top priority for business and political leaders, looking to understand how to protect high-target conversations while encouraging innovation and expanding digital collaboration among teams.
“Current security risks to everyone’s information are not going anywhere; on the contrary, they will continue to become more sophisticated. Every industry everywhere – from Hollywood to Washington D.C. – is struggling with how to confront this new reality. Wickr allows companies and organizations to bring the security and privacy of a face-to-face conversation to digital collaboration.”
— Thomas Tull, Wickr Investor, CEO & Founder of Tull Investment Group
What Secure Collaboration Channels Mean for Wickr Pro and Wickr Me Users
We built secure channels in response to Fortune 500 and other customers who came to us looking for a reliable, easy, and secure way to share proprietary business information with people outside their enterprise networks. With cross-company channels, teams large and small can launch Wickr Pro for private collaboration internally and quickly bring 3rd parties who use the free messenger Wickr Me into sensitive projects like M&A, board deliberations, and incident response with no additional cost or set up time.
Now, when Wickr Pro users need to spin up an urgent discussion with external legal and security teams, or validate cyber incident observations with industry colleagues, they can easily create a secure communication channel between Wickr Pro or Wickr Me to ensure information shared is end-to-end protected with strong encryption and perfect forward and backward secrecy.
As always, Wickr Me users maintain the privacy and security controls, whether they communicate with Me or Pro users. When a Wickr Me user is added to a secure room by a Wickr Pro network, the expanded collaboration features automatically become available for all.
Wickr Pro users can now seamlessly connect and share information via encrypted calling, video conferencing, file transfer and messaging with outside partners who are using any of Wickr’s SaaS apps or personal messenger Wickr Me. Our messaging protocol, vetted by top security researchers and open for public review, will serve as a single communications layer that spans the entire organization, its vendors and partners to enable users to find each other and connect without losing control over proprietary data.
With Wickr secure channels, ephemerality and privacy controls are now easy to enforce across all apps and companies’ communications. No matter who you are talking to, you always control how long information lives on all recipients’ devices to minimize the window of opportunity for attackers to compromise valuable business data.
You can learn more about Wickr Security here. In a nutshell, the privacy and security of user content and accounts is enabled by the following:
- Account data is protected by scrypt to harden against off-line dictionary attacks;
- Message data is protected by AES-256 GCM and signed using ECDSA with Elliptic curve P521;
- Message keys are exchanged using ECDH with Elliptic curve P521 and HKDF;
- SHA512 is used as a hashing function for security-critical operations.