Out of Band communications is for classified discussion, business continuity and incident response. It should be used within the most security-conscious parts of the organization; from senior executive discussion to cybersecurity teams.
The phrase refers to communicating outside of the usual communication system, such as a reserved channel or network. It can also be a separate secure channel for confidential discussion or mission-critical teams, or even a backup solution for when the primary solution is unavailable or compromised.
In other words, Out of Band communications is for when ‘secure enough’ isn’t enough and where ‘mission-critical’ means ‘a complete collaboration platform, even in a crisis.’
Why do you need Out of Band?
In today's hybrid workplace, most teams rely on email, traditional collaboration tools, and (whisper it) consumer-grade messengers to communicate.
While these tools are used for regular business communication (although $2bn of fines say consumer-grade messaging apps aren’t acceptable), they are neither suitably secure (email and traditional collaboration tools), compliant (consumer-grade messaging apps) or robust enough (any centralised system) for sensitive discussions, incident response or mission-critical teams.
Secure Out of Band.
Learn more about how to support the most sensitive parts of your organization, and build the business case for Out of Band communications.
Download info sheetThe concept of Out of Band communications is still relatively new. Ask your average utility firm (or pretty much any other mission-critical organisation) how it communicates in a crisis and the answer will be “phone and SMS” or “phone and WhatsApp,” depending on whether it’s based in the US or Europe respectively.
It’s a pretty shocking admission for them to make. “Yeah, in a crisis, our strategy is to knowingly forfeit our ability to communicate as a team and pray we make it through with a series of phone calls. Maybe some group texts as well.”
You’d kind of hope that the response was more along the lines of: “We retain our ability to communicate as a team through a decentralized, secure real time platform that operates on a separate network should our primary network be compromised. That way we can ensure all discussion is confidential and the network stays available continuously - even in times of crisis. We use the same platform in our air-gapped environments.”
Hopefully the latter response will become more commonplace before utility firms are deliberately sabotaged by aggressive nation states or become huge targets for cybercriminals…
How does a proper Out of Band communication platform work?
A secure Out of Band communications platform needs to operate on a separate network to the rest of the business, otherwise it’s compromised and therefore unusable during a cyberattack or a major disruption.
It should also enable the organization to specify how its data is hosted (self-hosted on-prem or in the cloud, or as a managed service), and protect conversations through end-to-end encryption. And that means the entire platform has to be E2EE by default - including messages, attachments, voice, and video. Decentralization is important too, as that brings the benefits of a resilient, self-healing network to ensure communications stay operational.
Given the always-on nature of Out of Band communications, its users are more than likely to be working unusual hours. A purpose-built smartphone app is crucial, combining consumer-style ease-of-use with secure communications so that senior executives and mission-critical teams can communicate effectively from anywhere.
Finally, just because conversations might be sensitive or in crisis mode doesn’t mean they can break compliance; so enterprise functionalities such as corporate oversight, administration and record-keeping are still required for a corporate E2EE environment. Out of Band shouldn’t mean Out of Control.
Out of Band, but part of the orchestra
Element has many unique features as an Out of Band solution, but one of the most useful is interoperability with the primary network.
Senior execs, mission critical functions, DevOps and cybersecurity teams simply don’t want the hassle of jumping in and out of different communications apps. Element ‘bridges’ to the likes of Microsoft Teams and Slack to enable security conscious teams to use Element as their default app; even when communicating with the rest of the company. So specialist teams can use Element, while the majority of teams can use ‘good enough’ traditional tools.
Secure Out of Band.
Learn more about how to support the most sensitive parts of your organization, and build the business case for Out of Band communications.
Download info sheetBuild the business case for secure communications across your organisation...
ON-DEMAND WEBINAR: Make better secure communication decisions.
Secure communication through the lens of pioneering voices in tech. Learn how enterprise IT leaders can make better secure communication decisions ft. guests Hexagon and Forrester.
Watch now