Symphony encrypts its messages end-to-end, an approach demanded by sophisticated, security-sensitive institutions, especially in financial services.
Unlike conventional cloud-based communications platforms, messages on Symphony’s enterprise offering remain encrypted the full time they are on the cloud, and are not visible to Symphony’s cloud servers. And unlike “bring your own key” cloud platforms—where customers upload their key to a vendor’s platform where it becomes vulnerable to compromise, Symphony does not have access to the keys or contents. This makes Symphony much more secure than conventional cloud platforms, and therefore attractive to institutions that care a lot about security.
Symphony uses standard cryptographic algorithms widely trusted in the security community: AES-256 as a symmetric cipher, RSA-2048 for asymmetric key exchange, SHA-256 for hashes. As is normal for end-to-end encrypted applications, Symphony also uses TLS as an additional layer of protection for data in motion, and storage encryption for data at rest, on top of the end-to-end encryption that is applied to all messages and content before they leave the client.
Learn more about Symphony's security practices in our blog.