AWS Public Sector Blog
How AWS Wickr can enable secure communications for the Australian Government and its allies
Messaging applications are becoming increasingly core to the way Australians communicate. Research by the Australian Communications and Media Authority (ACMA) found that nearly four out of five Australians use a messaging application for personal purposes. These apps are particularly prevalent among younger Australians; 92 percent of those aged 18–24 and 89 percent of those aged 25–34 report using them to connect and interact.
At the same time, the Australian Public Service (APS) Workforce Strategy 2025 recognizes that by 2025, half of the APS workforce will represent Gen Y and Gen Z, the digital natives. It makes sense, then, that this changing workforce demographic will want to use the same type of tools they use to chat with friends and family when communicating at work.
However, the use of consumer-grade messaging applications poses significant security and sovereignty risks for Australian government agencies, making it difficult to meet governmental information management obligations. Official guidance from the National Archives of Australia (NAA) unambiguously states that “instant messaging posts … created or received as part of Australian Government business are Commonwealth records.” In its performance audit report on the Department of Defence’s management of the Hunter class frigate project, the Australian National Audit Office (ANAO) highlighted weaknesses in the project’s recordkeeping, and specifically noted the use of consumer messaging applications by Defence officials: “…the use of applications such as Signal, Zoom and WhatsApp cannot be used for transmission or storage of Official information.”
Secure and compliant messaging
Amazon Web Services (AWS) Wickr is an end-to-end encrypted messaging and collaboration service that provides the advanced security, administrative controls, and data retention capabilities government agencies need to protect sensitive information and meet legislative requirements, such as Australia’s Archives Act 1983.
Wickr secures one-to-one and group messaging, voice and video calling, file sharing, screen sharing, and location sharing with 256-bit encryption. Data remains protected from unauthorized access, interception, and tampering as it travels from one endpoint to another. No one except intended recipients has access to the keys required to decrypt the content—not even AWS. Wickr was launched in the AWS Sydney Region in October 2023.
Fine-grained administrative controls allow you to organize users into security groups with restricted access to features and content at their level. Your Wickr network administrators can apply policies to each group that are custom-tailored to meet desired outcomes. Passwords can be reset, and profiles can be deleted remotely, helping you reduce the risk of data exposure stemming from a lost or stolen device.
Wickr network administrators can configure and apply data retention to internal and external communications in a Wickr network. This includes conversations with guest users, external teams, and other partner networks so you can retain messages and files sent to and from the organization in a private data store that is completely under your control, thereby supporting compliance with Australian government recordkeeping obligations.
Wickr was recently independently assessed to the Information Security Manual (ISM) PROTECTED level under the Information Security Registered Assessors Program (IRAP) process. This allows departments and agencies to meet their obligations in handling information up to the PROTECTED security classification, in addition to their information management and records retention needs.
Wickr provides network federation to allow users and teams to communicate securely with users in another organization’s Wickr network. You can assign groups of users to specific federation rules, restrict access to select agencies and partners, and allow or disable the guest user access feature for individual security groups.
Wickr is currently available in AWS Regions in Asia Pacific (Singapore, Sydney, and Tokyo), Canada (Central), Europe (Frankfurt and London), and the United States in the US East (N. Virginia) Region, with additional Regions launching in 2024. This enables you to set up secure collaboration quickly and easily with established allies and emerging partners. For example, as depicted in the following diagram, an Australian government agency could configure Wickr network federation with its counterparts in the UK, US, and Japanese governments.
Protect your communications
Employees will continue turning to messaging apps to chat with friends and family and boost productivity at work. While many of these apps introduce risks for government agencies, Wickr combines end-to-end encryption with administrative control, data retention, and data residency controls to help you achieve your goals and communicate safely both internally and with Australia’s key security partners.
To learn more and get started, visit the AWS Wickr webpage, or contact us.