email_alternatives
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
email_alternatives [2019/08/06 18:40] โ neil | email_alternatives [2021/07/29 14:29] (current) โ neil | ||
---|---|---|---|
Line 3: | Line 3: | ||
====Key points: ==== | ====Key points: ==== | ||
* [[#Email is probably not the most secure choice, so consider alternatives|Email is probably not the most secure choice, so consider alternatives]] | * [[#Email is probably not the most secure choice, so consider alternatives|Email is probably not the most secure choice, so consider alternatives]] | ||
+ | * [[#Consider a client portal|Consider a client portal]] | ||
+ | * [[# | ||
* [[#Instant message or SMS-like apps|Instant message or SMS-like apps]] | * [[#Instant message or SMS-like apps|Instant message or SMS-like apps]] | ||
+ | * [[#Matrix / Element (used to be called Riot.im)|Matrix / Element (used to be called Riot.im)]] | ||
* [[# | * [[# | ||
* [[# | * [[# | ||
+ | * [[# | ||
+ | * [[# | ||
+ | * [[# | ||
* [[#Ways of sharing large or sensitive files|Ways of sharing large or sensitive files]] | * [[#Ways of sharing large or sensitive files|Ways of sharing large or sensitive files]] | ||
* [[# | * [[# | ||
Line 20: | Line 26: | ||
Chances are email is not the best tool for the job, but it is so engrained in the corporate world that moving away from it completely is unlikely to be viable. | Chances are email is not the best tool for the job, but it is so engrained in the corporate world that moving away from it completely is unlikely to be viable. | ||
- | Even with [[email# | + | Even with [[email# |
While the solutions here offer strong security, they lack (by design) some of the features which make email so popular and useful. For example, the ability to forward a message chain to someone, or to create " | While the solutions here offer strong security, they lack (by design) some of the features which make email so popular and useful. For example, the ability to forward a message chain to someone, or to create " | ||
+ | |||
+ | ====Consider a client portal==== | ||
+ | |||
+ | Some practice management systems include a client portal: an online system where you can send and receive messages, and drop off (and perhaps receive) documents for clients. | ||
+ | |||
+ | Some [[#Ways of sharing large or sensitive files|file transfer tools]] offer similar functionality, | ||
+ | |||
+ | Before relying on this, you'll want to make sure it offers appropriate security for your needs, especially if it is hosted by a third party, who might have access to your privileged messages and documents. | ||
+ | |||
+ | As with any software, if you do make use of a practice management system and a client portal, make sure you, and your clients, [[cloud# | ||
+ | |||
+ | ====End-to-end encryption may not protect you from a compromised device==== | ||
+ | |||
+ | End-to-end encryption is a method of securing communications, | ||
+ | |||
+ | This can be contrasted with the [[email# | ||
+ | |||
+ | While end-to-end encryption protects against some infrastructure access or compromises, | ||
+ | |||
+ | > The implant also has access to the user's keychain, which contains passwords, as well as the databases of various end-to-end encrypted messaging apps, such as Telegram, WhatsApp, and iMessage, Beer's post continues. ([[https:// | ||
+ | |||
+ | End-to-end encryption remains valuable, but you need to [[securing_your_computer|protect the device you are using]] for those communications. For example, [[securing_your_computer# | ||
====Instant message or SMS-like apps ==== | ====Instant message or SMS-like apps ==== | ||
If you want a secure alternative to instant messaging or SMS, consider these. | If you want a secure alternative to instant messaging or SMS, consider these. | ||
+ | |||
+ | Unlike email, none of these are interoperable, | ||
+ | |||
+ | ====Matrix / Element (used to be called Riot.im) ==== | ||
+ | |||
+ | [[https:// | ||
+ | |||
+ | It offers text-based chats between individuals and groups, as well as file transfer, and voice and video calls. | ||
+ | |||
+ | It offers end-to-end encryption across devices, mobile phones and web interface, allowing for easy synchronisation of the encryption keys through QR codes or emoji. | ||
+ | |||
+ | You can run your own server, if you wish (a bit like email), or else you can sign up to someone else's server, such as the project' | ||
+ | |||
+ | You do not need a phone number to sign up. | ||
+ | |||
====Signal=== | ====Signal=== | ||
Line 32: | Line 75: | ||
Signal is mainly a mobile app, but it has desktop counterparts. | Signal is mainly a mobile app, but it has desktop counterparts. | ||
- | It offers end-to-end encryption, without you needing to do anything. | + | It offers end-to-end encryption, without you needing to do anything |
It requires the other person (or people, as it has group messaging) to also have Signal. | It requires the other person (or people, as it has group messaging) to also have Signal. | ||
Line 44: | Line 87: | ||
=== WhatsApp === | === WhatsApp === | ||
- | If you don't mind giving data to Facebook, WhatsApp offers simple end-to-end encryption. | + | If you don't mind telling |
Like Signal, it offers group messaging. | Like Signal, it offers group messaging. | ||
Line 53: | Line 96: | ||
You can download it [[https:// | You can download it [[https:// | ||
+ | |||
+ | ===Threema === | ||
+ | Unlike Signal and WhatsApp, Threema does not require a phone number to set it up. If you don't have a phone number, or just don't want to link a phone number to an app, this might be worth a look. | ||
+ | |||
+ | |||
+ | ====Real-time chat (i.e. alternatives to Slack) ==== | ||
+ | |||
+ | ===rocket.chat === | ||
+ | |||
+ | [[https:// | ||
+ | |||
+ | You can also configure permissions to enable secure chat channels with clients, separating them from each other. | ||
==== Ways of sharing large or sensitive files ==== | ==== Ways of sharing large or sensitive files ==== | ||
Line 75: | Line 130: | ||
Make sure you delete the file from the platform when it has been transferred. | Make sure you delete the file from the platform when it has been transferred. | ||
+ | |||
+ | As Dropbox is very popular, it may be used as a vector for [[email#Be aware of phishing email|phishing campaigns]], | ||
===Nextcloud === | ===Nextcloud === |
email_alternatives.txt ยท Last modified: 2021/07/29 14:29 by neil