Why Cloud Control Is Central to Secure Mobility
By Curtis Peterson
As a channel partner, you need to empower customers to employ multimodal communications across a variety of devices – from smartphones to tablets to connected watches to whatever the next mobile invention will be – without compromising security. If you’re not already fielding questions on how to make that happen, you soon will be.
To respond properly, you need to understand how mobile security is different, how cloud plays a role, and how to help customers focus on protecting what’s most relevant to their businesses.
Mobile devices introduce a variety of new considerations for end users — and security is chief among them. Any conversation you have with a customer about the benefits of cloud or mobility must include how they will protect data. For example, one challenge for many is that while mobile device management (MDM) has prevailed in enterprise application control, it has not kept up with multimodal communications and with the proliferation of device types that we are seeing today.
Another problem is silos. Take mobile UC as a service. While we see this tech as the future, UCaaS solutions are not typically integrated with the other business applications in use by employees. The result? Siloes and inefficient workflows. Layer on the growing trends of BYOD and the democratization of IT that have given rise to the most mobile, flexible and geographically distributed workforce ever, and those inefficiencies and data silos become a real problem for the business.
How Mobile Security Is Different
Traditional hard-wired communications technologies offer (or at least appear to offer) a number of built-in security features. Consider as an example a PBX headset: It's typically located in an office that sits behind locked doors and is further fortified by a security system. The phone doesn't work anywhere else, and the network itself is considered trusted. When you get a call at your desk exchange from a colleague, you can see that she is in the building — there is little chance someone has stolen her phone. All of this creates a blanket of security.
Mobile breaks all of that down. Now it's the responsibility of the cloud application and the client application to establish end-to-end security for messages, signaling, media and every other type of data. You can no longer trust that communications are behind a locked fortress.
Spotlight On Wi-Fi and 4G LTE/5G
Channel partners can help enterprise customers keep their mobile security robust by understanding what makes a Wi-Fi network secure, and then selling them those secure solutions.
Securing Wi-Fi is different from securing hard-wired networks. First of all, Wi-Fi networks need to be discoverable to be usable, so broadcasting their existence is part of their modus operandi; they can't hide. Enterprises that have workforces using Wi-Fi for business need to consider who has access to the public Wi-Fi spot being used. When an employee makes a phone call in a venue with public Wi-Fi, the security and encryption of applications become very important, because you're not controlling the network. The man sitting next to your employee at Starbucks might be scooping all the data packets from that phone call.
Additionally, now that calls can move around between networks on the public side (remember, 5G is backwards-compatible all the way to 2G), a transaction from a mobile device can come in from any network, especially when you add roaming to the picture. This makes it even more important that the cloud service, the information on the device itself, and specifically the user are able to establish a trusted relationship that can migrate seamlessly between networks.
COPE? CORE? BYOD? Mobility management is big with small companies — a big headache, a big expense and a big area of possible conflict with mobile-savvy employees. Our free guide will help you make a plan. Download now!
The bottom line is that the cloud provider itself must be doing OTT security for any assurance that there's a strong security layer on any Wi-Fi network being used. Look for the key certifications of SSAE16 (and specifically SOC 2, Type 2), TRUSTe and SKYHIGH Enterprise-Ready. Additionally, ask about secure signaling and secure media, encryption at rest and in the client, and the ability of the provider to deprovision a client from a central authority, regardless of network.
Help Customers Ask the Right Security Questions
Most customers don’t know what to consider when looking to secure a cloud communications application. They frequently borrow a lengthy, 400-question security questionnaire from another application – maybe a CRM – and try to apply it to their cloud communications app. The problem is that most of the questions are irrelevant, duplicative or request layers of security that are impossible to implement. The end result is, best case, a waste of everyone's time. Worst case, while this seems like a comprehensive security approach, in practice it may well make security weaker.
As a trusted partner, you can help cut through the noise by advising your customers to hone in on the most important and relevant security questions, and by representing that understanding as a comprehensive security answer in any RFP you prepare. The key questions will be the ones that flow naturally from the following foundational security questions:
- Does all of my data need to be fully encrypted?
- What data is regulated or otherwise critically important to my business?
- What data is it really critical for my company to keep private? (Hint: It's very seldom all of it.)
- How much of that data am I sharing with this cloud provider?
- How does data get to the cloud, and how is it stored?
- How is the data verified to be in safekeeping?
- When an employee leaves my company, how does he or she know their data has been purged as well?
Answering these should help you help customers pare down their most pressing security needs and lead them to their most important cloud-based UCaaS security requirements.
Curtis Peterson is senior vice president of operations at RingCentral.
- Business Success Story: ANPI Has Just the Ticket for Kerasotes ShowPlace Theatres’ Mobility Needs
- Collab9 Leads UCaaS Pack With FedRAMP Authorization
- Toshiba Telecom Debuts Free Version of UCEdge for Android, iOS
- 8x8 Tops in UCaaS, Vonage Jumps to 2nd
- Broadview Introduces Centralized Online UC Order Tool