Ce contenu n’est pas encore disponible en français.

Comparison of Communication Tools for Companies

Learn how collaboration tools and engagement apps differ from secure messengers for businesses.

At first glance, the countless communication solutions available for companies seem almost indistinguishable. However, a closer look reveals significant differences, particularly in terms of security and privacy. This comparison shows where these differences lie.

The comparison was compiled to the best of our knowledge based on publicly available information (as of April 2021). Should you discover any errors, please let us know.

Threema Work Compared to:

other secure messenger

Besides Threema Work, there are several other business messengers that claim to be security-focused and privacy-aware: Wire, Amazon’s Wickr, Stashcat, and Teamwire. In many respects, however, the different solutions approach security and privacy in very different ways, of which some are neither security-focused nor privacy-aware. For example, some of the so-called “secure” services lack data-protection basics such as consistent end-to-end encryption, or their architecture isn’t decentralized.

On the other hand, the differences among secure business messengers are less striking as far as features are concerned. While some services support audio and video conferences, most of them don’t apply end-to-end encryption to conference calls. Thanks to Threema MDM, all configuration options are always available in Threema Work, even if no MDM system is available. Furthermore, no additional services are required to send “messenger newsletters” to the entire staff or to individual departments when using Threema Work.

Even though Threema Work offers the highest level of security and the most comprehensive data protection, it is still the most affordable and by far the most popular service, especially considering the user base of the regular Threema app.

Collo

In tools like Google Chat and MS Teams, where collaboration takes center stage, communication plays a secondary role. These services not only offer a wide range of features but also allow for deep integration into existing infrastructure and seamless transition from one device to the next. All this comes at a high price, as security and privacy protection fall by the wayside. Google Chat and MS Teams store messages on a central server and don’t employ end-to-end encryption, which means that they’re not suitable for the exchange of sensitive data. Using collaboration tools on a smartphone is often inconvenient and rarely efficient due to the overwhelming amount of features, settings, and options. On a mobile device, users generally prefer an intuitive and straightforward app like WhatsApp or Threema.

Unlike collaboration tools, Threema Work focuses on security and data protection, and in contrast to US-based solutions, there’s no doubt about its GDPR compliance. Instead of an intransparent intercontinental server network, Threema Work only uses local servers in Switzerland, and thanks to its restriction to essential features, easy, efficient and distraction-free communication is guaranteed.

Engagement

The primary focus of engagement apps is information distribution. Their goal is to completely replace email and to enhance the interaction between management, supervisors, and employees using internal social networks and similar communication channels. With this aspiration, engagement apps aim to achieve much more than simple chat apps. However, it’s open to question whether the staff actually uses features other than the chat functionality in the intended way. In many cases, a chat app that’s streamlined, only contains essential features, and also supports top-down communication is more efficient than an engagement app that combines many different and often unrelated tools in one place and floods the staff with all sorts of information.

In terms of security and privacy, services like Beekeper and Staffbase doesn’t compare with Threema Work. They are based on a centralized architecture and do not employ end-to-end encryption, which means that the service provider can, in theory, access any content at any time.

Messengers Not Considered

Messengers based on the Matrix protocol, like Element, were not taken into account because the federation leads to considerable privacy drawbacks. For example, messages and metadata are permanently stored on all involved servers, which means that every server operator is able to track who communicates with whom at what point in time. In the same vein, it’s evident for all server operators who the members of groups are, and the operator of a user’s home server is, in theory, even able to access their contact list.

Messengers for private users lack the tools for administration and user management that business solutions provide. That’s why chat apps like WhatsApp, Signal, and Telegram are stacked up against one another in a separate comparison:

Corporate Messaging

Threema Work
Stashcat
Teamwire
Wickr
Wire
Google Chat
Microsoft Teams
Beekeeper
Staffbase

Threema Work

Stashcat

Teamwire

Wickr

Wire

Google Chat

Microsoft Teams

Beekeeper

Staffbase

Distribution and Pre-Configuration

Free, non-binding trial version users can activate themselves

The trial version allows potential users to immediately test all features without any obligation and without having to contact the provider

After verification of the domain

Administration console for user/license management

MDM integration

Platinum price plan only

Mobile application management (BYOD)

App pre-configuration, feature restriction, and policy enforcement

?

Multitenancy

Independent administration of different mandates, e.g., for subsidiaries

?
?
?

Integration and Automation

Corporate directory integration

Predefined groups

Administrators can create central group chats for teams

Automation and integration into 3rd-party systems

Companies can send and receive messages in their own software

Message-API Threema Gateway
?

Single sign-on for desktop/mobile app

Platinum price plan only

Single sign-on for administration console

For example, using SAML

?
?

User Group

Closed user group

Restrict communication to internal contacts

On-premises
On-premises

External parties

Incorporate external contacts without creating additional user accounts

Using Threema or Threema Work
?
Only using guest account
Only using guest account
Only using user account
Only using user account
Only using guest account

Grouping users

Create units of multiple users

With MDM parameter th_category

Storage and Data Retention

Automatic enforcement of data-retention policies

?
?

Central message archive

Optional in predefined groups
?

Conclusion

In contrast to chat apps for private users, business solutions offer a console where company administrators can manage the employees. Thanks to Threema Work’s high flexibility, the service easily adapts to every organization’s needs. In BYOD scenarios, Threema Work scores extra points with Threema MDM, while most other solutions only support external MDM systems. Threema Work combines comprehensive pre-configuration options with a straightforward app distribution.

All solutions support integration into directory services. External users can join Threema Work without having to complete a tedious registration process and even without providing a phone number or email address. On top of that, Threema Work can also be restricted to a closed user group.

Not to offer an option to archive user chats on a central server (e.g., for compliance purposes) is a deliberate decision of Threema Work because this would, in theory, allow the service provider to access message contents, which, in turn, would render the security benefits of end-to-end encryption completely useless.

App configuration with and without an MDM system

Data Protection

Threema Work
Stashcat
Teamwire
Wickr
Wire
Google Chat
Microsoft Teams
Beekeeper
Staffbase

Threema Work

Stashcat

Teamwire

Wickr

Wire

Google Chat

Microsoft Teams

Beekeeper

Staffbase

Full GDPR Compliance

The service undoubtedly complies with all requirements of the European Union’s General Data Protection Regulation

But HIPAA, FINRA, FOIA, FRA
Questionable
?

No phone number or email address required

It’s not necessary to provide a phone number or email address to use the app

No address-book access required

To populate the app with internal contacts, no access to the address book is required

?

No collection or disclosure of user data

?

No registration required to use the app

No account is required to use the app

Website: No trackers, no analytics

No external/commercial tracking or analytics software is used on the website

Google, Microsoft
Google, Hubspot
GTM, DoubleClick
?
Google, VWO, etc.
Google, Hubspot, etc.

Customer relationship: No external servers/services2

Data generated in the customer relationship (sales, customer care, support, etc.) is not transmitted to external servers or services

Pipedrive, IBM, etc.
Google Apps
Google Apps, Salesforce, Zendesk, etc.
Google Apps, Salesforce, Zendesk, etc.
?
?
Google Apps, Salesforce, Zendesk, etc.
Google Apps, HubSpot, etc.

Server location/service operation

Location: CH
Operation: Own servers
Location: DE
Operation: Own servers
Location: DE
Operation: unclear
Location: USA
Operation: unclear
Location: LU
Operation: Cloud service of a US service provider
Location: variable Operation: variable
Location: variable Operation: variable
Location: variable Operation: unclear
Location: DE
Operation: Cloud service of a US service provider

Data processing agreement

?
?

Juristiction

Switzerland
Germany
Germany
USARisk: CLOUD Act
Switzerland & USA
Variable
Variable
Variable
Germany

Conclusion

As is to be expected, Threema Work is well ahead of the competition in terms of data protection. From user integration, where neither an email address nor a phone number is required, to server location and operation, to the strict avoidance of data collection, other services should take Threema Work as reference point. Threema Work is the only service that maintains its own servers.

Security

Threema Work
Stashcat
Teamwire
Wickr
Wire
Google Chat
Microsoft Teams
Beekeeper
Staffbase

Threema Work

Stashcat

Teamwire

Wickr

Wire

Google Chat

Microsoft Teams

Beekeeper

Staffbase

App

End-to-end encryption

All messages, including media and files, are end-to-end encrypted

Additional setting required

Decentralized architecture

Groups and contact lists are managed directly on the user devices, not on a central server

Contact verification

Contacts can be verified “out of band,” i.e., without having to trust the service provider’s directory service

Strong encryption on end devices

Access lock

Access to the app can be protected using biometrics or a PIN

Customizable registration duration

Administration Console

Two-factor authentication

Password policies

Minimum length

Granular level of administrator rights

Code and Technology

Encryption procedures are well documented

Open source

Frequent independent audits

October 2020
September 2020
August 2020
2018
November 2020

Conclusion

The pillars of Threema Work’s security are consistent end-to-end encryption of all content on one hand and its decentralized architecture on the other hand. While it’s no big surprise that collaboration tools and engagement apps don’t offer end-to-end encryption, it is notable that there are also so-called “secure” business messengers that don’t protect exchanged messages using this technique.

Threema Work is not the only services that regularly commissions external experts to conduct comprehensive security audits. Some major differences between Threema Work and other services lie in contact verification and the security of the administration console.

Resources More information about data protection and privacy

Features

Threema Work
Stashcat
Teamwire
Wickr
Wire
Google Chat
Microsoft Teams
Beekeeper
Staffbase

Threema Work

Stashcat

Teamwire

Wickr

Wire

Google Chat

Microsoft Teams

Beekeeper

Staffbase

App Features

Text and voice messages

Voice and video calls

Not end-to-end encrypted
Not end-to-end encrypted
Not end-to-end encrypted

Group chats

256
Unknown
Unlimited
500
150
8000

Distribution lists

Chats structured as threads

Social Media Streams

Audio and video conferences

Unkown
50
25
100
300

Screen sharing (desktop)

Off-hours policy

Notifications can be disabled during off-hours (e.g., on the weekend)

Polls

Using Bots

Mentions

?
?
In Social Media Streams

Online status

Message quoting

?

Self-destructing messages2

?

Deletion of sent messages on chat partner’s device2

?

Portability

Web/desktop app

Web app
Web app

Parallel use on multiple devices

The same identity can be used on multiple devices in parallel, but it’s not required that one specific device is connected to the server

Soon
?
Using web app

Support for multiple identities

Multiple identities can be used in parallel with just one app instance

Using Threema app
?

Other Features

Broadcasting

Send “messenger newsletters” to all users or certain user groups

Corporate Directory

Soon

Bots

Including default bots that can be used immediately without development efforts by the customer

Via API
Must be coded by user
Must be coded by user

Conclusion

The less secure a service is, the easier it is to implement features. Conversely, certain features are not available (or only to a limited extent) in secure solutions that employ end-to-end encryption.

Threema Work provides all essential features that users expect from a modern instant messenger plus some useful tools for everyday work, e.g., the off-hours policy and the poll feature. A major benefit of sticking to the essentials is the ease of use Threema Work offers.

Overview of the Threema Work app’s feature set

Licensing, Support, and More

Threema Work
Stashcat
Teamwire
Wickr
Wire
Google Chat
Microsoft Teams
Beekeeper
Staffbase

Threema Work

Stashcat

Teamwire

Wickr

Wire

Google Chat

Microsoft Teams

Beekeeper

Staffbase

Licensing type

Per device
Per user
Per user or
per device
Per user
Per user
Google Workplace
Microsoft Office
?
?

License costs per month and use

From € ~1,30
CHF 1.40
From € 3,90
?
From € 4,99
From € 5,00
No separate product price
No separate product price
?
?

Implementation types

SaaS, On-premises
SaaS, On-premises
SaaS, On-premises
SaaS, On-premises
SaaS, On-premises
SaaS
SaaS
SaaS
Hybrid

White Labeling

Company logo
Company logo and color

Conclusion

In addition to aspects like security and functionality, the price is also a key factor when choosing a corporate messenger.

Unlike Threema Work and other secure messengers, the collaboration solutions MS Teams and Google Chat are not available as standalone products with a separate price plan. Not all service providers are transparent about their prices, but according to the available information, Threema Work is the most affordable option.

Threema Work’s price plans