Wire - The Most Secure Collaboration Platform
Wire is the most secure collaboration platform, co-founded by the creator of Skype.
Featuring state of the art end-to-end encrypted group messaging, voice and video calls, file sharing, screen sharing and external guest rooms. Our business solution, Wire Pro is a next generation, secure alternative to Slack or Microsoft Teams.
- End-to-end encrypted group and 1:1 chats
- End-to-end encrypted group and 1:1 audio conference calls
- End-to-end encrypted group and 1:1 video conference calls
- End-to-end encrypted file sharing
- End-to-end encrypted 'guest rooms' for external users
- End-to-end encrypted group screen sharing
- Integrates with 'Single Sign-On' solutions
- Forward secrecy - a new encryption key for each message
- GDPR-compliant and ISO, CCPA, SOX-ready
- Bots and workflow services available
- Share secure messages in group chats or private chats
- Host secure conference calls with one click
- Host secure video calls with one click
- Upload and share files securely with ease
- A secure group via a simple link - no installation
- Share your screen with groups securely
- Secure your login process and connect your active directory
- Each individual message is it's own 'fortress'
- Fully compliant - privacy by design
- Connect to your other important SaaS systems
£3 to £5 per user per month
- Education pricing available
- Pricing document
- Skills Framework for the Information Age rate card
- Service definition document
- Terms and conditions
Wire Sales and Solution Engineering
+41 86 079 209 36 37
|Software add-on or extension||No|
|Cloud deployment model||
|Service constraints||We have no forecasted maintenance or limited support, which would impact users.|
|Email or online ticketing support||Email or online ticketing|
|Support response times||Within 2 business hours - Monday to Friday.|
|User can manage status and priority of support tickets||No|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||No|
|Onsite support||Onsite support|
Wire uses a proven framework for success that puts your goals at the centre of everything we do. Once we’ve understood your challenges, success criteria and associated timescales we can deliver a personalised support program that will help you with planning, setup, launch and implementation of Wire Pro, as well as user education and training.
This will also allow us to measure success at each stage of your deployment.
|Support available to third parties||Yes|
Onboarding and offboarding
|Getting started||Wire provides an online knowledge base, including user documentation, best practice and a step by step 'get started guide'. This self-service approach is also supplemented by a dedicated customer success team - for initial setup training, admin and user training and on-going support to monitor usage and reporting.|
|End-of-contract data extraction||
Wire supplies Wire Pro with end-to-end encryption by design. This means all collaboration history between users needs to be backed up by the customer before the final contract termination because Wire does not hold any clear text versions of any messages, data or files - the data is decentralised across the user devices.
History backup is default functionality in Wire Pro app, available cross-platform for all users.
The Wire contract includes:
-De-provisioning of users (self-service using the admin panel or through our 'Customer Success' team who can support admins)
-Complete erase of all data from the Wire Pro account
-Exit survey for admins and user base
Using the service
|Web browser interface||Yes|
|Application to install||Yes|
|Compatible operating systems||
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||Screen share - on mobile app can receive/not initiate|
|Accessibility standards||None or don’t know|
|Description of accessibility||Wire Pro relies on the host system implementation for accessibility. Thus, the effectiveness depends on the platform for most of the features at the moment. Some platforms are currently more advanced, such as iOS. For example, Wire supports screenreader on mobile clients, but desktop app users might not be able to use this technology. We are in the process of defining guidelines and acceptance criteria internally, to improve the baseline and adopt the best of breed technologies.|
|Accessibility testing||Our automated testing relies on accessibility. We also use manual testing for screen readers when implementing new features, and occasionally do testing rounds throughout the product. We are also preparing an automated test 'suite' to check our compliance with accessibility standards such as colour contrast and element labelling.|
|What users can and can't do using the API||
- Users can create use the API to create accounts, conversations, search for other users, register devices, publish encryption keys, etc.
- Users can also look at how the API is being used by looking at our existing apps for Android, iOS and Web:
There's a fair amount of documentation here: https://github.com/wireapp/wire-server/blob/develop/docs/README.md and swagger too.
|API documentation formats||
|API sandbox or test environment||No|
|Description of customisation||
Customers with 'whitelabel' or 'self-hosted' deployments of Wire Pro with a need for a customised feature can ask for customisation.
The customer and Wire team evaluate the feature use case together. Thereafter, if there is a common reason to build a new feature, a mutual arrangement can be reached whereby the Wire team delivers content, experience, or functionality that matches the customer need.
|Independence of resources||Wire utilises our hosting provider to provide an easily scalable platform and constantly monitors utilisation to ensure appropriate capacity is available.|
|Service usage metrics||Yes|
|Metrics types||Total number of users in teams and wider account, number of service tickets and topics of contention and operational availability - uptime reports.|
|Supplier type||Not a reseller|
|Staff security clearance||Staff screening not performed|
|Government security clearance||None|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||European Economic Area (EEA)|
|User control over data storage and processing locations||Yes|
|Datacentre security standards||Managed by a third party|
|Penetration testing frequency||At least every 6 months|
|Penetration testing approach||In-house|
|Protecting data at rest||Encryption of all physical media|
|Data sanitisation process||No|
|Equipment disposal approach||Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001|
Data importing and exporting
|Data export approach||
Wire history backup is the process of the copying and archiving of Wire account messages and files, so it may be used to restore the original after a history loss event or transfer data to a new device.
History back up procedure:
- Back Up Conversations.
- Set a password (for mobiles - the backup will be compressed and encrypted with a password )
- Select a secure place on your device to save the file as it is not protected by Wire end-to-end encryption.
|Data export formats||Other|
|Other data export formats||Proprietary format|
|Data import formats||Other|
|Other data import formats||Proprietary format|
|Data protection between buyer and supplier networks||TLS (version 1.2 or above)|
|Data protection within supplier network||TLS (version 1.2 or above)|
Availability and resilience
Wire offers 99.9% availability on Wire Pro and 99.95% on Wire Enterprise.
Monthly availability is published transparently in Wire's monthly "customer promise" publication to all organizations - along with customer satisfaction score for the month.
Wire Enterprise is available with SLA and SLA with Penalties.
|Approach to resilience||
We rely on 2 different AWS resource types: their EC2 offering and S3.
All our services run across 3 different availability zones on AWS's Ireland region; if a whole availability zone goes down, we will still be 100% available to our customers.
Our data is also stored and replicated across these 3 zones so there will also be no data loss in such event.
We also use S3 to store our encrypted backups and assets uploaded by users (images, audio messages and documents).
We write reports internally for every incident and share it with the whole team.
On request, we also share them with our customers.
Identity and authentication
|User authentication needed||Yes|
|Access restrictions in management interfaces and support channels||
We have 2 ways in how this is controlled:
1. VPN: Employees with VPN access can access the Backoffice and access some of our logs and monitoring dashboards. They cannot access production data nor servers
2. To get access to the production servers/data, employees need both VPN access and access to SSH keys that need to be given to employees: only members of the ops team have such keys.
|Access restriction testing frequency||At least once a year|
|Management access authentication||Username or password|
Audit information for users
|Access to user activity audit information||No audit information available|
|Access to supplier activity audit information||No audit information available|
|How long system logs are stored for||User-defined|
Standards and certifications
|ISO/IEC 27001 certification||No|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||No|
|Named board-level person responsible for service security||Yes|
|Security governance certified||No|
|Security governance approach||
Wire has the following policies in place:
- Policy for mobile equipment (laptops and smartphones)
- Policy for secure app development
- Policy for secure app publishing
- Policy for network access
- Policy for server access
- Policy for incident reporting
Breaches of the policies are reported to and coordinated by the CTO and Head of Security
|Information security policies and processes||
- Since all user content data is end-to-end encrypted with Wire, we use a simplified reporting structure
- Incidents and potential breaches are reported to the CTO and Head of Security and are then communicated to the CEO
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||
- All external software modules are monitored for vulnerability reports.
- If vulnerabilities are known, the modules are upgraded as soon as possible, depending on the severity and impact of the vulnerability. Critical vulnerabilities are patched in < 24 hours.
|Vulnerability management type||Supplier-defined controls|
|Vulnerability management approach||
- Software components vulnerability reports are monitored
- Monitoring of event logs takes place
- Alarms are in place to alert devops of unusual behaviour and errors
- Critical vulnerabilities are patched in < 24 hours
|Protective monitoring type||Supplier-defined controls|
|Protective monitoring approach||
- Network and event logs are checked for unusual behaviour
- Alerts are set up to alert devops
- Devops are on call 24/7 to react to incidents
- Incidents are treated immediately after detection (typically whithin hours)
|Incident management type||Supplier-defined controls|
|Incident management approach||
- Processes are pre-defined
- Depending on the type of incident and impact devops either adrress the issue immediately or report back to management in case further decision taking is required
- Users can report incidents through customer support or social media
|Approach to secure software development best practice||Supplier-defined process|
Public sector networks
|Connection to public sector networks||No|
|Price||£3 to £5 per user per month|
|Discount for educational organisations||Yes|
|Free trial available||Yes|
|Description of free trial||Full access to Wire Pro for 30days - which can be extended if required.|
|Link to free trial||https://wire.com/en/trial/|