The US Office of Cybersecurity finally banned WhatsApp on all staff devices, a move that has left many wondering why it took so long.
The memo:
“The Office of Cybersecurity has deemed WhatsApp a high risk to users because of the lack of transparency in how it protects user data, absence of stored data encryption, and potential security risks involved with its use,” Reuters reported the memo as saying.
Meta also confirmed this announcement, not that it needed confirmations, but more specifically, to express their concern regarding the ban.
“We disagree with the House Chief Administrative Officer’s characterization in the strongest possible terms…
Messages on WhatsApp are end-to-end encrypted by default, meaning only the recipients and not even WhatsApp can see them. This is a higher level of security than most of the apps on the CAO’s approved list that do not offer that protection.”
We can agree to disagree with both parties, since the US Office of Cybersecurity recommends MS Teams as an alternative or Wickr, Signal, iMessage and FaceTime. Avoiding Telegram [1][2] is not strange, however recommending service without end-to-end encryption such as MS Teams is not better than using WhatsApp.
Obvious security measures are needed, particularly in high-security locations such as US Government offices. The secure course of action is: smartphones should be banned. Employees can store their devices securely and use only approved work phones. We also hope US InfoSec is better than we think, despite needing tighter software and OS control. Currently, the main entry point is seen as smartphones and their vulnerable, cybersecurity-uneducated users.
And with Meta’s statement, we cannot really disagree that it offers end-to-end encryption. However, when everyone has the key to your home, the lock is no longer a deterrent anymore.
Photo by Dimitri Karastelev on Unsplash.
Comments are closed.