CT Pros Blog

Understanding Security in a Hosted Communications Environment

Jun 23, 2020

 

The flexibility of working from home used to be a nice-to-have benefit for businesses. But the coronavirus pandemic has changed how entire organizations operate and communicate forever. The sudden shift has forced many to tackle the challenges of enabling thousands of workers to transition to remote working.

Ensuring that everybody can securely access the systems they need also comes with responsibilities around data security and encryption.

For example, video conferencing app Zoom ticked many boxes for businesses, but hacked meetings and conversations that were exposed for people to eavesdrop on quickly introduced more problems than solutions.

So, where do we go from here?

Let’s first understand that the responsibility of a secure communications solution is a responsibility shared by both the business and the provider of those services.  There are multiple areas of security and while we won’t go into great depth, we will give you an overview of the areas of security you should pay attention to.

 

The Convergence of Voice and Data

Under the hood of every communication and collaboration solution will be some form of end to end encryption. Many forget that Voice over IP telephony by its very nature suggests a convergence of both voice and data.

From a security risk standpoint, it's the leakage or eavesdropping of valuable data and conversations that will be the biggest cause of concern.

However, every provider will be different.

For example, RingCentral utilizes SSLv3/TLSv1 to encrypt web-session traffic and to encrypt phone provisioning sessions for RingCentral desk phones. 

In addition, desk phones, mobile applications, and desktop applications support encrypted calls using SIP over TLS for signalling and SRTP for media. The ability to implement VoIP encryption on your account and ensure that all sensitive messages are retrieved via an encrypted web session is not something that you should assume from any provider.

 

What to Look for with a Cloud Provider

At the very least, your provider should have robust partitioned multi-tenant cloud communications service that offers several layers of built-in security features.  It should also protect the privacy and data integrity while also increasing reliability.

Administrators should be able to meticulously manage:

  • account policies
  • user permissions
  • login information

It should also include database replication between locations in real-time, with failover built into the provider’s service.

These are just a few security fundamentals that are often lacking in consumer-friendly apps and why going with a trusted and established provider that offer a unified experience is so critical. 

Corporate solutions such as RingCentral tackle these challenges head-on by helping to manage service delivery, architects, and, most importantly, design security into the product. For businesses, this provides much-needed peace of mind by ensuring the service's physical and environmental security.

More and more decision-makers will be looking to purchase a cloud platform that supports their new approach to remote working. But security is now leading these conversations rather than being an afterthought.

 

Maintaining Your Compliance in a Remote Working Environment

Regulatory requirements, security protocols, and best practices for employees will be just a few of the basic questions you should ask from the outset. Every industry will have a different level of regulatory requirements when it comes to privacy, data storage, and communication encryption.

Many businesses are just beginning to address these regulatory concerns as they continue to navigate through these uncharted waters.

Whatever cloud vendor you choose, it must comply with the regulatory regimes that you have to work with, such as GDPR, HIPPA, and PCI. 

Providers should also be able to provide you with definitive statements of compliance and auditing to address any regulatory concerns that you might have directly.

 

Additional Security Points to Consider

When daring to look beyond instant messaging, video conferencing, and call routing, you will discover that integrating with multiple key business applications is critical.

Network and infrastructure security are also areas that should not be overlooked when choosing the right provider.

Service-level monitoring, regular vulnerability scans, and intrusion-detection systems will play a significant role in protecting your corporate communications along with two-factor authentication.

 

Employee Best Practices & a Security-First Mindset

For too long, employees have enjoyed the luxury of convenience over security. Bad habits such as sending a quick SMS message or a short email with an attached internal document without thinking about the risks are now commonplace.

Businesses now need to help their staff adopt a security-first mindset. Emails and SMS texts can be replaced with alternative digital communication such as Slack, which at least offers enterprise-grade data protection.

Passwords

While passwords remain a necessary evil for authentication, they will remain the biggest vulnerability and cause of data breaches. Ideally, employees should revise their passwords at least once a month to keep the threat to a minimum.

VPN

A virtual private network (VPN) combined with two-factor authentication, will also protect connections between computers across multiple networks.

 

Enabling your remote working teams to communicate without sacrificing security or compromising sensitive data doesn't have to be complicated. But it will involve improving communications of best practices from security teams to every employee.

 

Finding a Unified Communications Partner, You Can Trust

Protecting business-as-usual operations is already a top priority for every business.

As remote working at scale becomes the new normal for the foreseeable future, secure and reliable communication systems will continue to play a critical role in enabling collaboration and teamwork within the enterprise far beyond the walls of its office space.

The good news is that unified communication technologies will enable your team of remote workers to remain productive outside of the office through a myriad of integrated and seamless tools. But do not underestimate the value that the right support partner will bring during the planning and research process.

The intensity of cyber attacks continues to increase as overloaded systems, and under-monitored systems create security vulnerabilities. Integrated solutions that deliver flexibility and protect your company will make up the secret sauce to converge your security, networks, and cloud infrastructure.

With the right partner, your dream of secure cloud communications can quickly become a reality.  As a RingCentral partner, we are here to help.  We offer consultative services and professional IT services to ensure your entire infrastructure is protected and secure.  

 

For more information, contact us online. 

 

If you enjoyed this article you may also enjoy:

Like this Article?  Share it below! 

Looking for Video Conferencing?
Familiar with RingCentral? They're awesome!
Ask how we can help set up video conferencing!

In the Meantime, Let's Connect!

Let's connect!

Follow us on Twitter! Like us on Facebook!

Follow us on LinkedIn! Like us on Facebook! Follow us on Twitter!
Are you ready to migrate to the cloud?
Looking for IT Professional Services?
Need help? Call us at (877) 328-7767
If you have questions, we have answers!

Contact Us