- ProductsCompliant Messaging
Message clients without sacrificing compliance
The non-compliant use of messaging platforms has led to billions in regulatory fines. Symphony helps enable seamless compliant messaging with clients via WhatsApp, WeChat and SMSOverview
Enable surveillance and recordkeeping of clients’ preferred messaging platformsSMS
Enable maintenance of SMS communication records for regulatory complianceCore Collaboration
Secure, seamless cross-firm communication
The only fully open, scalable, and secure collaboration platform purpose-built for global markets – enabling efficient workflows and compliant communicationPlatform
Suite of modular collaboration capabilities accelerates communicationEmbedded Collaboration
Leverage Symphony’s capabilities in your platforms and portalsSecurity & Compliance
Secure, compliance-enabling framework meets the stringent needs of marketsVoice
Cloud-based voice collaboration
Compliance-enabling and scalable voice technology maximizes efficiency by defragmenting communication and connecting traders and trader-adjacent teams instantlyCloud9
Eliminate communication silos and provide instant voice connectivityInstant Voice
Cross-organizational solution native to Symphony and built for speedCloud9 Desk
Trader-adjacent connectivity with global intercom across internal teamsCloud9 Trader
Full-featured turret replacement with maximum external connectivityVideo
Start and join video meetings from Symphony
Facilitate productivity, collaboration and effective co-working with leading video conferencing platforms integrated alongside Symphony chats and roomsZoom
Keep collaborating in Symphony while joining or hosting Zoom meetingsMicrosoft Teams
Retain Symphony workflow context during Teams Video meetingsIntegrations
Essential tools to streamline workflows
Connect your everyday systems to Symphony to improve efficiency, reduce context switching and mitigate manual tasksEnterprise Integrations
Enterprise software bi-directionally integrated with SymphonyApps & Bots
415+ apps and 2K+ bots to help streamline and automate workflows
- AboutThe only secure and compliance-enabling collaboration platform built for markets
- LeadershipSymphony’s global executive team driving the company forward with purpose
- PartnersA network built to bring connectivity to the global financial markets community
- CareersAvailable opportunities to join the Symphony team in offices around the globe
- News, Press & EventsThe latest press releases, media and events featuring Symphony
- Contact Us
- Join the Ecosystem
Slack Gets A Little More Security, But Is a Little More Enough?
As security and privacy become increasingly important concerns for businesses and consumers alike (see Facebook’s recent strategic pivot), it’s not surprising that collaboration vendors are busy adding new security measures to their products.
Case in point: on Monday, Slack announced GA of Enterprise Key Management (EKM), a feature which they pre-announced last September, and of which we wrote about in our blog at the time.
Slack’s blog post announcing EKM provides a bit more detail about the service, and directly calls out use cases for “high-regulated industries like financial services” in their messaging. Clearly, Slack is noticing that its service doesn’t cut it for large enterprises who are concerned about compliance or security. But let’s take a closer look at Slack’s EKM offering and what it does – and doesn’t – offer.
EKM + BYOK ≠ E2EE
In its blog post announcing the launch, Slack explains that EKM provides customers the ability to “Bring Their Own Keys” (BYOK) to encrypt messages and files. Together, Slack says, EKM and BYOK are adequate protection for your data.
But there is no replacement for true end-to-end encryption.
With Slack EKM, the keys are loaded onto the cloud, and those keys are used to decrypt messages and files on cloud servers. This exposes the messages and files in clear text on the cloud, turning them into a potential attack surface area.
This doesn’t really improve real-world security for the most important attack scenario. The very cloud servers that have access to the keys and can decrypt content are precisely the servers that hackers would focus on, giving a successful attacker access to both the data and the encryption keys necessary to access the information. BYOK doesn’t protect you from having your data breached if the keys–as with Slack’s EKM offering–are accessible to the cloud servers.
The main breach-protection “benefit” of Slack EKM appears to be that it is easy to cancel your encryption keys after a security incident. But if the service is compromised, you’ve already lost your data. An attacker will quickly exfiltrate the decrypted content. This feature is akin to closing the barn door after the horse has already escaped: it won’t get you your horse back. It may help you protect future data you load into the platform, but after something like this happens, you’d probably be looking for a more secure solution anyway.
Part of this comes down to a limitation of Slack’s system architecture. It wasn’t architected with security at its core, so Slack is now attempting to retrofit security into an existing model, but that’s extremely difficult – if not impossible – to do right. Unfortunately these limitations mean that purchasers of messaging platforms now need to sort through “fig leaf” bolt-on features that don’t really address the underlying security weakness of this design.
How Does Symphony Compare?
At Symphony, security is core to our DNA. We invested on Day One to build our entire platform on true end-to-end encryption. We have offered Key Management from the get-go. This is why we have an unmatched encryption model that operates effectively without compromising usability, including in search and with bots and workflows.
In our enterprise collaboration platform, cloud servers have no access to encryption keys at all, and keys are not only created by the customer, but remain entirely in the hands of the customer the whole time. Symphony customers can keep their keys safely on-premise at all times. So, even if the cloud service is breached, the keys remain safe because they aren’t even there.
This is what we mean when we talk about true end-to-end encryption. We don’t decrypt objects on cloud servers — ever. It’s this security model that provides the core protection every enterprise should demand.
The Bottom Line
The bottom line is: Slack is still operating on a legacy security model, even with this new update. In contrast, 400,000 of the world’s most security-conscious users trust Symphony and chose us after extensive due diligence. There is no better vote of confidence than that.
Want to know more? Watch our video, view our infographic, or download our white paper “As Collaboration Shifts to the Cloud, Security Requires a Rethink” — and see how our true end-to-end encryption model is unmatched.
Please also feel free to reach out to the team at firstname.lastname@example.org if you’d like to learn more about how Symphony can help your team collaborate securely.