Choosing the right secure messaging app for your organization

In this Help Net Security interview, Liad Shnell, CTO at Rakuten Viber, discusses what organizations should look for in secure messaging apps, including encryption, privacy standards, and ease of integration.

Shnell also covers the need for a multi-layered approach to securing corporate messaging systems while balancing convenience with strong security.

What should organizations look for when selecting a secure messaging app?

When evaluating a secure messaging app, organizations should prioritize platforms that deliver advanced security, functional versatility, and future-proof technology. Key features to look for include end-to-end encryption by default, ensuring that messages and calls remain private at all times. Messaging apps should also be globally accessible, enable seamless communication across mobile and desktop, and support integrations with external tools.

AI-driven extensibility is another important factor. An app should incorporate AI for automation and scalable integrations to enhance productivity while safeguarding data. Privacy is also crucial. Verified standards and certifications, such as SOC 2 Type 2 and GDPR compliance, demonstrate a commitment to organizational safety.

Ultimately, organizations should choose an app that evolves with technological advancements and ensures operational continuity and privacy protection.

Phishing and malware attacks are prevalent threats on instant messaging platforms. What steps can users take to mitigate these risks? Are there any specific warning signs that users should know to identify suspicious links or messages?

Phishing and malware attacks are becoming increasingly sophisticated, often powered by AI. This makes user vigilance more critical than ever. To stay secure, users should follow basic online security principles: always practice caution with links and verify a sender’s identity before clicking, especially if the link requests sensitive data. Poor grammar, unexpected urgency, or unfamiliar domains in links often signal malicious intent. Look out for these red flags and act accordingly.

To help mitigate attacks, leading platforms combine visible and invisible shields for comprehensive safety. For example, Viber users can move messages from unknown senders into a dedicated folder with flagged links and clear warnings. They are also protected by advanced algorithms that monitor traffic patterns and block suspicious behavior before it reaches them.
The bottom line is that users can mitigate risks by being vigilant and cautious, and by trusting platforms that continually innovate to combat evolving threats while providing tools to stay secure.

What are the top three measures businesses should implement to secure their corporate messaging systems?

The SANS 2024 Security Awareness Report shows that 89% of respondents highlight social engineering attacks as their primary human-related concern. This issue cannot be tackled with a single measure. To secure corporate messaging systems, businesses must adopt a multi-layered approach.

Firstly, security awareness programs are crucial. These programs provide internal teams with ongoing education on how to recognize and respond to threats. Secondly, organizations need to clearly define acceptable usage and ensure all employees comply with organizational guidelines. Clear communication policies are essential to ensure that corporate messaging systems are used securely.

Finally, organizations should deploy AI-driven detection tools to identify potential breaches and establish rapid response protocols to address them. When these measures are part of a broader culture of cybersecurity, organizations can better safeguard their communication systems against emerging threats.

Users often prioritize convenience over security. How can we balance usability and strong security measures in messaging apps?

Convenience and security should not be mutually exclusive in a messaging app. The user experience is crucial. By harnessing AI-driven automation and zero trust principles, an app can offer seamless verification, such as biometric logins and invisible authentication layers. This ensures effortless and secure access to the service. Additionally, proactive threat management with real-time alerts and minimal disruption maintains a smooth user experience. The balance lies in creating solutions where users experience simplicity without compromising safety.

What emerging technologies or practices are you seeing in instant messaging security?

Security is an ongoing process and must be at the core of any instant messaging app that claims to be “secure.” As instant messaging evolves, so do security demands. One emerging trend is post-quantum cryptography, which prepares encryption protocols for the next generation of computational challenges. With the rapid advances in quantum computing, security mechanisms we currently consider secure might soon become obsolete. We need to be prepared for this.

Another key trend is enhanced AI detection to identify AI-generated users and synthetic content. This is crucial for preserving authenticity in conversations. Studies show that users perceive AI-generated content as less authentic than human-generated content, which can negatively impact their loyalty and word of mouth.

Technological developments never stand still. Messaging platforms must continually innovate to address both current and future security challenges.