Instant messaging has become an essential part of everyday business operations. Employees expect fast, mobile communication – especially in hybrid work environments.
What happens if a device is lost or stolen?
Can former employees still access business data?
How do we manage shadow IT?
How do we enforce security policies on private devices?
In BYOD and distributed work scenarios, every uncontrolled access point can compromise sensitive corporate data.
Starting in April 2026, Threema will introduce DualLock for Threema OnPrem, which adds server-side control to the existing local encryption.
Messages remain locally encrypted on the device.
A second encryption key is securely stored on the server.
Each time the app is opened, the server key is automatically verified.
If the server key is revoked or if there is no server connection, access is blocked immediately.
The result: the app cannot be opened on the blocked device, chats are no longer visible, and no more data is exposed.
Immediate access revocation in case of device loss
Remote enforcement of security policies
Secure offboarding of employees
Risk reduction in BYOD environments
Stronger compliance posture
The result is a unique security model that combines client-side data storage with server-side administrative control – balancing privacy with governance.
More than 8,000 organizations and over 12 million people worldwide trust Threema for secure communication.
DualLock is particularly relevant for:
Critical infrastructure operators
Government institutions and ministries
Companies operating under strict compliance requirements
Organizations with BYOD strategies
