Security remains at the heart of a successful enterprise strategy. Today’s escalating cybercrime places an enormous strain on resources and the threat of a data breach is not only damaging to the business, but it can also have a tremendous negative impact on customer trust.
Communications solutions and cloud-based services need to be integrated and built with security by design to scale your collaboration aspirations in line with business growth. As the workforce requires more integrated collaboration tools, users need to be confident that they can safely join meetings from any room or device.
It is relatively simple to manage security within the boundaries of your own enterprise. However, vulnerabilities can occur when there is a need to communicate outside of your own network perimeter, especially if you do not have a robust security posture or cloud architecture in place.
A recent example was witnessed in November 2018 where Tenable announced that its research team had discovered a serious vulnerability in a Desktop Conferencing Application from a US-based video communications company that allowed a remote attacker or rogue meeting attendee to hijack screen controls, impersonate meeting attendees via chat messages, and kick attendees out of meetings.
The vulnerability [CVE-2018-15715] used an unauthorized command execution via their event messaging pump and exposed up to 750,000 companies around the world that used the solution to conduct day-to-day business. The company was notified about the vulnerability in October 2018 and issued patches in late November.
Vulnerabilities in infrastructure and in the cloud are playgrounds for hackers to infiltrate a virtual meeting room and cause disruption but there are ways businesses can protect themselves. Here are five disciplines that enterprise leaders should consider when formulating a successful collaboration strategy and planning a robust cloud security posture.
Communicating safely with a global, dispersed workforce is essential for enterprise business continuity today. Although patches were issued to protect against the hacks which occurred in the case referenced earlier, trying to patch all the vulnerabilities in a solution totally reliant on third-party vendors whose technology is out of the vendor’s direct control, does not provide full security.
Therefore, trust in cloud-based solutions can only be gained when the vendor fully owns the global points of presence (data centers) within each jurisdiction to ensure data is stored with geographical redundancy.
In addition, their services must be secure-by-design, managed efficiently, and offer appropriate failsafe support in the event of an incident. Security is a shared responsibility. Buyers need to be diligent in their approach to find the best-of-breed products that address their collaboration requirements. Ultimately, solution providers should design and develop all products with built-in security as a priority to safeguard users’ data from cyber-criminals.
