Encrypt everywhere, start where it matters most
In 2016, announcements of several major mobile messaging apps set a spotlight on end-to-end encryption. Google has Allo, Facebook allows you switch to private messaging, and when using WhatsApp, now even your video chats are end-to-end encrypted. Besides, there are neat, secure chat apps like Signal, Threema, Wire or Wickr, where end-to-end encryption is not just an optional add-on but a core feature of the service.
Messaging: one of the many channels
Messaging is only one of the many channels where we share information with our friends, colleagues, or clients. Shared documents, voice calls, and emails include a lot of information that needs to be protected from government surveillance or data breaches – hence why end-to-end encryption should be considered in all of them.
— Tresorit (@Tresorit) November 14, 2016
Twitter folks think encryption is needed everywhere
Encrypted apps for all of these communications channels are essential building blocks of digital security and privacy. End-to-end encryption is not a cover-up to hide secrets; it is a security tool that helps you protect your data and empowers you to keep control over who has access to it. We believe that all information belongs solely to the sender(s) and the recipient(s), regardless of the degree of its confidentiality. By protecting all channels, you’re minimizing the risks and working towards keeping your information safer.
Specific situations and needs may differ though. Also, saying goodbye to all non-encrypted apps is not a realistic scenario in many cases. Therefore, it is worth to assess individual requirements and workflows when choosing which channels to protect and to what degree.
- Secure emails and file sync are imperative for the majority of businesses who work with confidential documents. A law firm for example, needs a secure document sharing tool to handle angreements both internally and with clients.
- For activists, instant messaging is a must, too, because they often work on-site and need quick ways to reach each other.
- A journalist who wants to protect their source needs encrypted messaging, a secure content sharing tool and encrypted and anonymous internet connection as well.
Encrypt everywhere, start where it matters most
First, identify the channels where you most often share sensitive or confidential information and start with moving towards encrypted alternatives. Use encrypted apps that have end-to-end encryption by default to protect your data all the time, not only when you switch it on. Switch-on encryption can be actually dangerous for you and others who need privacy – as explained by Gennie Gebhart in an excellent article for the Electronic Frontier Foundation.
To avoid compromising your secure workflows, set up other encrypted communication channels, too, where you can share information and can also use as a backup.
We are happy to see that there are a lot of tools available for those who want to protect their data from data breaches or government surveillance. What are these?
- Secure and private internet connection – Everything starts with the security and privacy of your internet connection. Make sure you submit information only through encrypted sites using the https protocol. In cases where also security and anonymity are important, use a VPN like ZenMate or the Tor Browser.
- Emails – Email encryption can be a tough job, as PGP is not the easiest to set up and use, especially if you don’t have the expertise. Here you can find an easy-to-follow guide how to do this. If you want to avoid this process, you can also switch to a secure email alternative like Protonmail or Tutanota – keep in mind that other, external email services that you will send emails to from them, aren’t necessarily using end-to-end encryption though.
- Messaging and Chat – Messaging is quick, convenient, and used by billions of people. Fortunately, there are multiple encrypted apps to choose from: Signal, Threema, Wire or Wickr all offer by-default encrypted solutions.
- File sync & sharing – You can either use plugins for mainstream apps or self-hosted services like NextCloud to encrypt and share your data. If you look for a secure and still easy-to-use app that protects your data under strict privacy laws, consider Tresorit.
- Voice and video calls, conferences – Crucial for businesses. Check out CryptTalk or Wire who provide secure and private calls.
- Disk encryption. Encryption in the cloud doesn’t mean physical protection. End-to-end encryption protects data in the cloud, however, it means that you are in charge of protecting the device where the information and files are stored. For that, disk encryption, malware protection and the use of pin codes are essential.