“It’s encrypted” – is that enough?

The news has been full of significant data breaches or exposure of user data unwittingly this past year, especially from popular apps like Facebook, Instagram and even Slack. Many of these stories involve user information being shared despite settings being set to private. How do you make sure your information is not being shared with third parties, or being exposed to anyone on the web?

Every other day it feels like there are new stories of data breaches, with user phone numbers and email addresses exposed. Many of those breaches could be happening through the apps you use. In fact, a recent report found that 40% of apps have security flaws. That means almost half the apps on your phone could be leaking private information!

How could this be?

 NYNJA Co-CTO Nikolay Bankov explained that “a lot of the legacy applications out there use old libraries and out-of-date technologies.” That’s why “with NYNJA we had the opportunity to start anew and we have utilized all the best in class technologies for security and encryption.”

“Security is of ultimate importance to us. We have businesses depending on us to keep their data safe. We’re launching our own Wallet for the NYN Coin, so that definitely helped fuel our interest in finding the best security technology we could. Not just for coin transactions, but to extend that to the teams using our app, we wanted to make sure all their data, calls, files, everything, is encrypted end-to-end and kept secure,” shared JR Guerrieri, NYNJA CEO.

“Specifically we use 256 bit key for encryption in transit and at rest. All of our communication is encrypted and we do not store any keys or tokens on the client,” said Bankov. “Keys” and “tokens” are used to decrypt the data. By keeping decryption keys on their own servers NYNJA makes their customer’s info less vulnerable to potential hackers.

Why encryption is necessary becomes easier to understand once you see how many points your data is being relayed to get from your phone to another. From your device to a cell tower, to a network exchange to a data center and back again is a simplified route. The diagram below shows call or message data being sent from a cell phone in North America to a cell tower, to a network exchange to a cable landing system that sends it under the ocean via cable to a cable landing system in Australia, where it goes through a network exchange to a cell tower to the recipient cell phone. 

This doesn’t include any data that may be transmitted on the way to your service provider, Google or other entities. You can see how all the bits and bytes you generate have multiple places data can be gathered, and why it’s so important for it to be encrypted no matter if in transit or ‘at rest’ in a data centre or on your phone or laptop.

The number of recent announcements of security breaches by leading software companies is alarming, including exposed databases of personal data. Here are a few examples:

  • Facebook got into hot water with its Messenger app and strangers being able to access children. Children can use Messenger with approval from their parents, but this requirement was not built into Messenger groups. Children were actually contacted by adults via this loophole. Read more about it.

  • Instagram users who set their accounts to private got a shock when it was discovered their posts could be viewed via a web browser! Report by BuzzFeed.

  • Slack was in the news recently because of a historical data breach requiring a large group of its users needing to reset their password.

 Extra attention to security pays off. When selecting how your business information like team discussions, updates and sensitive product, sales or marketing information is stored, be sure to use a platform that includes end-to-end encryption, like NYNJA.

June Macdonald