At first glance, the countless communication solutions available for companies seem almost indistinguishable. However, a closer look reveals significant differences, particularly in terms of security and privacy. This comparison shows where these differences lie.
Comparison of Communication Tools for Companies
Learn how collaboration tools and engagement apps differ from secure messengers for businesses.
The comparison was compiled to the best of our knowledge based on publicly available information (as of April 2021). Should you discover any errors, please let us know.
Threema Work Compared to:
Besides Threema Work, there are several other business messengers that claim to be security-focused and privacy-aware: Wire, Amazon’s Wickr, Stashcat, and Teamwire. In many respects, however, the different solutions approach security and privacy in very different ways, of which some are neither security-focused nor privacy-aware. For example, some of the so-called “secure” services lack data-protection basics such as consistent end-to-end encryption, or their architecture isn’t decentralized.
On the other hand, the differences among secure business messengers are less striking as far as features are concerned. While some services support audio and video conferences, most of them don’t apply end-to-end encryption to conference calls. Thanks to Threema MDM, all configuration options are always available in Threema Work, even if no MDM system is available. Furthermore, no additional services are required to send “messenger newsletters” to the entire staff or to individual departments when using Threema Work.
Even though Threema Work offers the highest level of security and the most comprehensive data protection, it is still the most affordable and by far the most popular service, especially considering the user base of the regular Threema app.
In tools like Google Chat and MS Teams, where collaboration takes center stage, communication plays a secondary role. These services not only offer a wide range of features but also allow for deep integration into existing infrastructure and seamless transition from one device to the next. All this comes at a high price, as security and privacy protection fall by the wayside. Google Chat and MS Teams store messages on a central server and don’t employ end-to-end encryption, which means that they’re not suitable for the exchange of sensitive data. Using collaboration tools on a smartphone is often inconvenient and rarely efficient due to the overwhelming amount of features, settings, and options. On a mobile device, users generally prefer an intuitive and straightforward app like WhatsApp or Threema.
Unlike collaboration tools, Threema Work focuses on security and data protection, and in contrast to US-based solutions, there’s no doubt about its GDPR compliance. Instead of an intransparent intercontinental server network, Threema Work only uses local servers in Switzerland, and thanks to its restriction to essential features, easy, efficient and distraction-free communication is guaranteed.
The primary focus of engagement apps is information distribution. Their goal is to completely replace email and to enhance the interaction between management, supervisors, and employees using internal social networks and similar communication channels. With this aspiration, engagement apps aim to achieve much more than simple chat apps. However, it’s open to question whether the staff actually uses features other than the chat functionality in the intended way. In many cases, a chat app that’s streamlined, only contains essential features, and also supports top-down communication is more efficient than an engagement app that combines many different and often unrelated tools in one place and floods the staff with all sorts of information.
In terms of security and privacy, services like Beekeper and Staffbase doesn’t compare with Threema Work. They are based on a centralized architecture and do not employ end-to-end encryption, which means that the service provider can, in theory, access any content at any time.
Messengers Not Considered
Messengers based on the Matrix protocol, like Element, were not taken into account because the federation leads to considerable privacy drawbacks. For example, messages and metadata are permanently stored on all involved servers, which means that every server operator is able to track who communicates with whom at what point in time. In the same vein, it’s evident for all server operators who the members of groups are, and the operator of a user’s home server is, in theory, even able to access their contact list.
Messengers for private users lack the tools for administration and user management that business solutions provide. That’s why chat apps like WhatsApp, Signal, and Telegram are stacked up against one another in a separate comparison:
Distribution and Pre-Configuration
Free, non-binding trial version users can activate themselves
The trial version allows potential users to immediately test all features without any obligation and without having to contact the provider
Administration console for user/license management
Mobile application management (BYOD)
App pre-configuration, feature restriction, and policy enforcement
Independent administration of different mandates, e.g., for subsidiaries
Integration and Automation
Corporate directory integration
Administrators can create central group chats for teams
Automation and integration into 3rd-party systems
Companies can send and receive messages in their own software
Single sign-on for desktop/mobile app
Single sign-on for administration console
For example, using SAML
Closed user group
Restrict communication to internal contacts
Incorporate external contacts without creating additional user accounts
Create units of multiple users
Storage and Data Retention
Automatic enforcement of data-retention policies
Central message archive
In contrast to chat apps for private users, business solutions offer a console where company administrators can manage the employees. Thanks to Threema Work’s high flexibility, the service easily adapts to every organization’s needs. In BYOD scenarios, Threema Work scores extra points with Threema MDM, while most other solutions only support external MDM systems. Threema Work combines comprehensive pre-configuration options with a straightforward app distribution.
All solutions support integration into directory services. External users can join Threema Work without having to complete a tedious registration process and even without providing a phone number or email address. On top of that, Threema Work can also be restricted to a closed user group.
Not to offer an option to archive user chats on a central server (e.g., for compliance purposes) is a deliberate decision of Threema Work because this would, in theory, allow the service provider to access message contents, which, in turn, would render the security benefits of end-to-end encryption completely useless.
Full GDPR Compliance
The service undoubtedly complies with all requirements of the European Union’s General Data Protection Regulation
No phone number or email address required
It’s not necessary to provide a phone number or email address to use the app
No address-book access required
To populate the app with internal contacts, no access to the address book is required
No collection or disclosure of user data
No registration required to use the app
No account is required to use the app
Website: No trackers, no analytics
No external/commercial tracking or analytics software is used on the website
Customer relationship: No external servers/services2
Data generated in the customer relationship (sales, customer care, support, etc.) is not transmitted to external servers or services
Server location/service operation
Operation: Own servers
Operation: Own servers
Operation: Cloud service of a US service provider
Operation: Cloud service of a US service provider
Data processing agreement
As is to be expected, Threema Work is well ahead of the competition in terms of data protection. From user integration, where neither an email address nor a phone number is required, to server location and operation, to the strict avoidance of data collection, other services should take Threema Work as reference point. Threema Work is the only service that maintains its own servers.
All messages, including media and files, are end-to-end encrypted
Groups and contact lists are managed directly on the user devices, not on a central server
Contacts can be verified “out of band,” i.e., without having to trust the service provider’s directory service
Strong encryption on end devices
Access to the app can be protected using biometrics or a PIN
Granular level of administrator rights
Code and Technology
Encryption procedures are well documented
Frequent independent audits
The pillars of Threema Work’s security are consistent end-to-end encryption of all content on one hand and its decentralized architecture on the other hand. While it’s no big surprise that collaboration tools and engagement apps don’t offer end-to-end encryption, it is notable that there are also so-called “secure” business messengers that don’t protect exchanged messages using this technique.
Threema Work is not the only services that regularly commissions external experts to conduct comprehensive security audits. Some major differences between Threema Work and other services lie in contact verification and the security of the administration console.
Text and voice messages
Voice and video calls
Chats structured as threads
Audio and video conferences
Screen sharing (desktop)
Notifications can be disabled during off-hours (e.g., on the weekend)
Deletion of sent messages on chat partner’s device2
Parallel use on multiple devices
The same identity can be used on multiple devices in parallel, but it’s not required that one specific device is connected to the server
Support for multiple identities
Multiple identities can be used in parallel with just one app instance
Send “messenger newsletters” to all users or certain user groups
Including default bots that can be used immediately without development efforts by the customer
The less secure a service is, the easier it is to implement features. Conversely, certain features are not available (or only to a limited extent) in secure solutions that employ end-to-end encryption.
Threema Work provides all essential features that users expect from a modern instant messenger plus some useful tools for everyday work, e.g., the off-hours policy and the poll feature. A major benefit of sticking to the essentials is the ease of use Threema Work offers.
Licensing, Support, and More
License costs per month and use
In addition to aspects like security and functionality, the price is also a key factor when choosing a corporate messenger.
Unlike Threema Work and other secure messengers, the collaboration solutions MS Teams and Google Chat are not available as standalone products with a separate price plan. Not all service providers are transparent about their prices, but according to the available information, Threema Work is the most affordable option.