If you ask such questions, it is better to find a specialist and give money for setting up a turnkey infrastructure. $200 per user will come out of the initial cost.
If there is loot, you will find it quickly.

Try to read about the cryptopro program, it can encrypt both files and correspondence

create a regular server based on your domain

It's enough.
You will provide all the data to the relevant structures in any case if you want to do business in Russia :) It makes sense to discuss the issue of "an office that is encrypted from the state." If you understand all the risks, of course.
For a corporate mail client with encrypted mail storage, it is enough to have its own CA that issues mail certificates with which mail is encrypted. For corporate file sharing, a private cloud on synology is sufficient, encrypted with the same certificate issued by the same corporate CA. To communicate via a messenger, you need to find one that allows you to install your own server - Jabber for example - working via https with a certificate, again issued by a corporate CA.
But remember that thermorectal cryptanalysis reveals any keys of any complexity.

First and foremost - first define for yourself what 'safety' is! This complex concept includes not only network protocols and user interface, but also a set of rules that users must follow (the same proverbial piece of paper with a password on the monitor).
To send a message from one user to another, you need:
* initial authentication
You need to somehow associate the letters on the screen with a specific person, and this is a mega problem, because there is no universal solution, more precisely, it exists - it's a phone number, which is why modern managers link a user account to a phone number. They cannot be generated indefinitely for spam (it costs some money for the user) and at the same time almost every person on the planet already has it (except for very poor countries, but even there there is at least some kind of infrastructure)
Accordingly, you need an infrastructure (contracts with a provider, software and physical servers or paid cloud services) that will provide authentication via the same sms. If there is an application for the phone, some steps can be started, but this is unreliable, because the application is hacked. The initial sms will have to be sent one way or another.
Alternative - it is necessary to have some kind of account registration center (if you have an organization - this is the most logical option) where someone in charge can say - 'this person is these letters on the screen, I guarantee'.
There is a gpg standard when users can exchange gpg keys (in a personal meeting, for example, via a qr-code) confirm that this user is what he claims. But as you understand, a personal meeting is still needed. I have not seen a single manager where this process was somehow socialized, roughly speaking you would see all the confirmations from other users (in the form of a tree of trust and confirmation). But I guess it would be too difficult for a classic user, although it is most true for a decentralized messenger.
There are plugins for various jabber and email clients. There seemed to be a browser plugin that not only managed these signatures but also allowed the raid to decrypt the messages on the page.
* authorization
This problem directly follows from the method of initial authentication and storing its results.
The simplest is password authentication, the server stores everything necessary for work, when the password is entered, a temporary token is issued to the application and everyone is happy, the application, by some condition, deletes the token and requires re-entering the password. If you stand up for security, you should not use any third parties as an authorization intermediary (googl / facebook / Vasya Pupkin), it should be your service.
If you store all the necessary data (gpg keys for example) locally, you still need to somehow protect the password, biometric authentication (fingerprints), etc. from access to third parties. but each solution has its own level of security (the cost of hacking) ...
* Communication and data storage
All messages must be delivered somehow. They must be stored somewhere while the participants are not online.
If correct, everything should be organized according to the same gpg scheme, the users store the keys, and the server is a stupid pipe for data and keeps everything encrypted.
BUT clients don’t want to bother with storing keys, they want to press the button and it’s good, which means that the server is storing these keys and all encryption becomes absolutely meaningless (except for the low level itself, but there encryption keys can be issued temporarily as it happens with https and completely imperceptible to the user)
* The software must be adequate to the security system
There are a lot of nuances here. Who are you protecting information from? A classic mistake, for example, is that important information cannot be sent to services that can peep this information (I remember the master key of a cryptocurrency account, some kind of mobile wallet out of habit sent, like any text message, to the Google server for spell checking, with all the ensuing consequences, someone lost about 80k money).

because not background-color, but background.
if without background color - background-image

https://webref.ru/css/background-color
https://webref.ru/css/background-image
https://webref.ru/css/background
Syntax, examples