Wire

Wire On-Premises, Wire Cloud or hybrid deployment – which one is the best for my organization?

Picking the right Wire deployment for your organization might be tricky. In this blogpost, we are breaking down the options to help with the decision.

At Wire, we take secure communication seriously – and we understand that every organization works differently and has different requirements when it comes to security, privacy, and digital sovereignty. This is why we offer our secure communication solution in two and a half flavors – on-premises, in the cloud, or as a hybrid deployment. But what are the differences between those two? And is one more secure than the other? Read on to find out!

Why should I use Wire Cloud?

Wire Cloud provides all of our great features with the shortest time to deployment. Ask for a quote on our website, get an offer, and start rolling out secure communications for your organization in no time. Especially for smaller organizations, this is not only the fastest, but also the most cost-effective way to use Wire. Licenses are available at an attractive price point, and you are saving on hardware, maintenance costs, and personnel costs compared to Wire On-Premises. 

Wire is hosted in EU-based data centers: AWS Ireland, AWS Frankfurt, and Hetzner Germany. Due to local data storage, strict data protection standards, and end-to-end encryption, Wire Cloud is GDPR compliant and can be used without headaches.

Wire Cloud and Wire OnPrem share the same features. The only difference is the compatibility with some of our bots, some of which are only available on-premises.

 

But is Wire On-Premises not more secure than Wire Cloud?

No. Both deployments offer the same premium level of security because both use the same concepts regarding cryptography, communications protocol, and overall design. Messages and calls in Wire are always end-to-end encrypted and the encryption cannot be turned off. Even we at Wire are unable to decrypt the content of communications because the key material to do so is always and only stored locally on the user’s devices, independent of your specific deployment. 

We do support our on-premises customers in running Wire on their own servers. However, to do so with a continuously high level of security requires the customer to have good security processes and a good understanding of DevOps. 

“Running an on-premises instance of Wire does not provide a higher level of security than using our cloud service”, says Taneli Potticary, Vice President, Services Delivery and Solutions at Wire. However, having an on-premises deployment gives you greater control over some aspects of your communications infrastructure such as metadata collection and notifications services.“

Can I have my own team in Wire Cloud?

Yes. Wire Cloud is a secure multi-tenant environment. This enables customers to connect to other organizations (partners, customers) who also use Wire Cloud. Wire Guest Connections are a secure method for collaborating across Teams, and thus across organizational boundaries. We implemented professional teams in such a manner that all members of the team can communicate with each other and people outside of the organization without receiving spam requests and disturbances in their work environment. 

Can I combine the Cloud and On-Premises?

Yes, you can soon. This summer, we will enable Federation between on-premises instances and the Wire Cloud. This allows more flexibility, where organizations can use an on-premises instance for special use cases, e.g. in mergers and acquisitions or for the board and C-level area while the rest of the organization uses Wire Cloud. 

Wire offers a unique feature set for Federation. We don’t simply connect full backends but allow for a more granular approach. This way, organizations can define who can initiate contact with federated users, or set clear boundaries for different types of roles and functions or departments. 

If there is no security benefit, what is the argument for running Wire On-Premises?

When you as a customer run Wire in your own datacenter, you have even more control over the metadata that the service needs to operate. Even in our cloud offering, we collect a minimal amount of metadata – only those pieces of information needed to collect and distribute the messages correctly and ensure a smooth operation of the service. 

We understand that some of our customers have special requirements when it comes to metadata, and want to control the whole process with the highest possible level of data sovereignty. That is what Wire on-premises can provide. 

On-premises customers can also decide to use a different way to push new notifications to their respective devices. With Wire Cloud, we rely on the respective Push-Services of the operating system for mobile devices (Apple Push Notifications (APN), and Google Firebase Cloud Messaging (FCM)). Our desktop apps are using WebSockets to deliver messages. 

For on-premises customers, it is possible to only use websockets without involving any other external services, if they are using our desktop- and web app and an Android-based mobile infrastructure.

What about the Wire Bots?

On-premises instances of Wire also allow for tailoring our offering more specifically to clients’ needs. Wire currently offers several add-ons and bots to support our customers in their daily work or to comply with regulatory requirements.

  • Compliance Recording to securely archive conversations while maintaining all the benefits of end-to-end encryption. Legal Hold is especially important for players in the financial industry who need to be able to reproduce the contents of conversations for regulatory purposes. 

  • Wire for Outlook plugin integrates Wire into Microsoft Outlook and offers the ability to easily create and schedule meetings. (Also available for cloud customers)

  • Wire Broadcasting bot allows for the centralized distribution of information that is relevant to all members of an organization. 

  • With Wire’s Polls bot users can easily create polls in the chat. As always with Wire, the polling information is confidential and end-to-end encrypted.

Similar posts

Subscribe to our newsletter