Symphony encrypts all messages end-to-end which is an approach demanded by sophisticated, security-sensitive institutions, especially those in financial services.
Unlike conventional cloud-based communications platforms, messages on Symphony’s enterprise offering remain encrypted the full time they are on the cloud and are not visible to Symphony’s cloud servers.
Unlike bring your own key cloud platforms where customers upload their key to a vendor’s platform making it vulnerable to compromise, Symphony does not have access to the keys or contents. This makes Symphony much more secure than conventional cloud platforms and therefore attractive to institutions that prioritize security.
Symphony uses standard cryptographic algorithms widely trusted in the security community:
- AES-256 as a symmetric cipher
- RSA-2048 for asymmetric key exchange
- SHA-256 for hashes
As is normal for end-to-end encrypted applications, Symphony also uses TLS as an additional layer of protection for data in motion and storage encryption for data at rest, on top of the end-to-end encryption that is applied to all messages and content before they leave the client.
Learn more about Symphony's security practices in our blog.