Secure communications are of fundamental importance for the security and defense sector. This is no news. The field is where most advancements in cryptography came from anyway. On top of its encrypted products and services, Secure Group offers innovative approaches to connectivity and infrastructure independence that bring security one step further.
In terms of security, mobile communications are a tricky field. The way the regular cellular infrastructure operates leaves many attack surfaces and vectors and gives elevated access to use communications a number of third parties. There are several general concerns about the security of mobile communications in the security and defense sector:
- Network operators have elevated access to the content and metadata of mobile communications.
- IMSI catchers – the surveillance technology giving that access to law enforcement for wiretapping purposes – is now widely available to other parties, including criminals.
- Vulnerabilities in the SS7 protocol used by all networks offer almost unlimited options for location tracking of devices and, by extension, individuals.
- Communication apps and services rely on third-party infrastructure, with little or no guarantees that messages aren’t stored and read.
- Mobile devices are inherently vulnerable to hacking and malware infections.
These general concerns call for a holistic approach to mobile security which combines strong encryption and a minimal role of third party operators and server infrastructures.
How Secure Group helps the security and defense sector
We offer a range of secure communication solutions, designed to give end-users control and make them independent from third parties. There are several pillars to our approach to securing communications in the sector:
- Strong end-to-end encryption and secure devices, designed to withstand hacking attempts.
- Mobile device management (MDM) capabilities to micromanage said devices.
- Interoperability with different infrastructures, allowing to run our whole range independently and on-premises by clients through their own servers.
Self-hosted services option
With Secure Box, our enterprise-level offering, users can create their own communication centers and remain independent from third parties, including us. It allows clients to run a copy of our MDM Secure Administration System (SAS) on their server infrastructure; together with all the backend systems necessary for the operation of our encrypted communication apps.
End-to-end encrypted communications
The apps – Secure Email, Secure Chat, and Secure Voice – provide strong end-to-end encryption using the PGP, OTR, and ZRTP protocols, respectively. With 4096-bit keys, SHA256 hashing, and the quantum-resistant AES-256 cipher, they guarantee no communications can ever be decrypted by a third party, even if intercepted.
Encrypted devices
Secure Phone is an encrypted communications device, which offers several layers of security. The top one is the above-mentioned bundle of communication apps. However, the device also sports a highly-modified, Android-based OS, with several vulnerabilities removed. Secure Phone features no internet browsing and no Google services, and each app on it has its own encrypted storage. This means that the way for malware to get to the device is cut off and that even if it does get there, there is no way it could access and mine sensitive data. The device also has a built-in IMSI-Catcher Detector app.
Mobile device management
SAS is an MDM platform which allows total, granular control over specific Secure Phone devices or groups of them. Through this system (which you can run independently on your server), you can turn on and off different apps on the device, as well as functions and hardware such as USB, Bluetooth, the camera, the microphone, etc. Anything that could create an attack vector can be safely and remotely turned off.
Comments