Safety Detectives: Please share your company background, how you got started, and your mission?
Armour Communications: Armour Communications was founded in 2015, by directors David Holman and Andy Lilly. They recognized that there was a need for more robust mobile communications solutions for enterprises. All organizations, in every sector, of every size, both public sector and commercial, have sensitive data to protect. (Examples of these are: intellectual property, price lists, customer lists, formulae, commercial agreements, merger/acquisition/valuation data, personally sensitive/identifiable information, information relating to personal or national security)
While there are plenty of free-to-use, encrypted communications applications for the consumer market—WhatsApp for example, being one of them—professional enterprises, corporations, and regulated industries all require platforms where privacy and security are guaranteed through enterprise-level management, extending way beyond just having end-to-end encryption.
For example, information handled or held by apps on mobile phones is particularly vulnerable to attack. Unless a suitable solution is used, the organization has no control over where that data goes, who it is shared with, what services are used to transmit the data, and where it might be stored.
SD: What is the main service your company offers?
AC: Armour Comms is a specialist in mobile data security and compliance, providing trusted and certified solutions for secure communications. Armour’s solutions protect voice, messaging, video, conference calls, and the associated data (both file attachments and meta-data) and run on off-the-shelf devices (iOS & MacOS, Android, Win10).
Armour Comms has developed two parallel product lines suitable for different use cases.
- Armour Mobile – Highly functional, with options for Audit (Recall), Conferencing (Unity), and Message Burn (timed deletion of messages). Armour Mobile is centrally managed, enabling organizations to completely control who has access to the system, i.e. a closed community. Approved for use up to UK government OFFICIAL SENSITIVE and NATO RESTRICTED. Suitable for regulated markets such as finance, legal, health, and organizations with specific or complex requirements.
- Signet by Armour – Based on Signal with enhanced features, including disappearing messages (timed deletion of messages) and a significantly improved user interface, SigNet is ideal for organizations that require an entry-level to professional secure comms or are looking to move away from the use of consumer-grade apps within their business.
Both solutions can be cloud-hosted, run as a managed service, or installed on a customer’s premises for total privacy.
SD: What is something unique that helps you stay ahead of your competition?
AC: Armour’s technology was originally developed for government and public sector organizations, designed to be fast to deploy, easy to use, and centrally managed, enabling employees to continue to communicate via their existing devices, but in a more secure manner. As a result, Armour focuses on certifications and accreditations within the UK market, demonstrating our commitment to providing highly flexible, highly usable, and highly secure mobile communications solutions suitable for use by organizations of all sizes, with all types of risk appetite.
- Armour achieved ISO27001 and a Queen’s Award for Enterprise.
- Armour Mobile and SigNet have won industry awards (SC Magazine – Best Secure Mobile product, Winner and Highly Commended – separate years)
- Armour Mobile has been certified by NCSC and NATO; it is approved for use up to OFFICIAL SENSITIVE, and NATO Restricted. With additional hardware factors, it is suitable for use at SECRET.
SD: What do you think are the worse cyberthreats today?
AC: The single biggest threat is the huge attack surface offered by the multitude of at-risk devices – namely every mobile phone that is not adequately secured. Every mobile phone that uses free consumer-grade apps for business conversations is a target for scammers, phishers, hackers and, if the target is of high enough value, nation-state actors.