By Otavio Freire, CTO and Co-Founder, SafeGuard Cyber
During a virtual panel discussion at the European Central Bank’s Forum on Central Banking in November, Federal Reserve Chair Jerome Powell noted the pandemic’s economic effect was to accelerate existing trends, including the increasing use of technology and automation. “We’re recovering,” he said, “but to a different economy.” Indeed, the adoption of cloud-based apps that maximize flexibility and minimize friction in business communication is just such a trend. These apps include obvious SaaS infrastructure like Microsoft Teams and Slack, but also some more unexpected apps like Telegram.
The encrypted cloud-based messaging app has been a favorite of disruptive financial services and cryptocurrency firms for its simplicity, speed, built-in encryption, and independence from the Facebook ecosystem. These disruptive players have adopted chat apps to increase sales agility and responsiveness to clients. Telegram is a powerful tool, but as with any technology, the same features that benefit businesses also present risks. In our recent Digital Risk Survey, 600 senior IT and security professionals cited the use of unsanctioned apps as the biggest security and compliance challenge. Here we’ll take a look at the top Telegram risks in turn, so you can make a more informed choice about whether the app is right for your enterprise.
Isn’t Encryption Sufficient?
Telegram is widely considered to be one of the most secure messaging apps in the world. It’s accessible from mobile and desktop, and has a number of third-party integrations. However, even encrypted chat apps are subject to security and regulatory compliance concerns. Telegram can host large groups (up to 200,000 users) and large file sizes (up to 1.5 GB), making it a robust platform for both internal collaboration and building communities among prospects and clients. However, these same features expand the threat surface for the following risks:
- Spear phishing
- Cyber espionage
- Data loss
- Compliance risk
While the chats may be encrypted, you still need visibility and controls at the message level to protect employees and enterprise/customer data. The first three risks are related, so it’s worth looking at them together.
Spear-phishing, Malware, and Cyberespionage
As is the case with WhatsApp, Telegram users remain vulnerable to spear-phishing through links and file sharing. In Telegram’s large communities, it’s impossible to know everyone. Communities can easily be infiltrated by bad actors who share links or files with malicious payloads. This isn’t hypothetical. To date, different varieties of malware have targeted Telegram users to steal crypto wallets and conduct surveillance. And, more to the point, without controls, it’s difficult to analyze message content to understand if softer spear-phishing attacks are underway. You don’t always need a link to hook an employee. Sometimes a persuasive offer is enough.
When it comes to file-sharing in the app, risk teams should know what is being shared. Again, with limits at 1.5 GB, a lot of data can be leaked, exfiltrated, or even accidentally lost to human error. We have talked with organizations that lost valuable customer data in other mobile chat apps due to simple copy/paste errors! Similar to a network environment, security, compliance, or legal teams need the ability to apply policies that stop data from leaving the organization.
Given Telegram’s popularity with financial services and digital currency traders, regulatory compliance poses a clear business risk. A lack of visibility or controls can lead to unacceptable exposure. Users may intentionally or accidentally share customer PII or engage in conversations that violate regulatory compliance. And, similarly, without an ability to capture content in its native format or archive, financial services using Telegram will remain in a corner when it comes to legal readiness.
How to Enable Telegram Securely and Compliantly
All of this is not meant to scare you off Telegram. Being scared of new technology is not a sustainable business strategy. Here are some things to consider when looking for ways to secure Telegram:
- Because Telegram is a cloud-based messaging app, you need security and defense at the cloud level. Cloud-to-cloud defense can help teams mitigate risks or threats before they can transit to devices or into corporate networks.
- The sheer volume and velocity of communication necessitate machine learning to prioritize risk detection.
- Scalability for multiple languages. Telegram is popular in different regions, and it’s unhelpful if you can only identify threats in your native language.
- Cross-device functionality will ensure that security is applied no matter how your employees are using Telegram. More importantly, it won’t get in the way. Obstructive security only gives users the motivation to seek unsafe workarounds.
Telegram has given a competitive advantage in sales agility to more innovative and disruptive financial services firms. In all things information security, the balance is between risk and reward. Understanding Telegram’s risks can help security leaders make better decisions about the app’s suitability for their business.
About the Author
As the President, CTO, and Co-Founder of SafeGuard Cyber, Otavio Freire is responsible for the development and continuous innovation of SafeGuard Cyber’s enterprise platform, which enables global enterprise customers to extend cyber protection to social media and digital channels. He has rich experience in social media applications, Internet commerce, and IT serving the pharmaceutical, financial services, high-tech, and government verticals. Mr. Freire has a BS in Civil Engineering, an MS in Management Information Systems, and an MBA from the University of Virginia Darden School of Business, where he currently serves as a visiting executive lecturer. To learn more about SafeGuard Cyber, visit www.safeguardcyber.com.