If you're building a professional secure environment, forward secrecy is a tradeoff that you need to tune (and OpenPGP gives you the tools for doing so, viz. subkeys and expiration), you absolutely need federation, and identifying contacts by phone numbers (as Signal does) is a zillion times worse than leaking email headers.

It's not possible to make Signal secure, the flaws are on the protocol level. To fix it, you would need to change it until it is no longer Signal.