Security and Unified Communications Tools – it’s the Layers That Count
In today’s era of remote or hybrid work environments, virtual collaboration and communication tools are simply essential for business continuity. Federal and commercial entities use a vast variety of tools including IP video and telephony, audio/video conferencing, audio/visual solutions, desktop or laptop sharing, instant messaging and other collaboration applications. Cisco’s hosted collaboration platforms deliver integration of these tools, with seamless user experiences that help people work together more effectively from anywhere. With so many options for communication and collaboration available, you’re probably wondering about security: how do you keep all these end points and applications secure so your organization is safe from cyber threats?
For starters, Cisco provides the highest level of security including SOC-2 Type 2, ISO 27001, FedRAMP compliant, GDPR compliant, and end-to-end encryption. But to realize the holistic coverage an organization needs, you need to break security down to smaller pieces. Companies like Cisco take a layered approach to security and the features and functionality that provide secure physical access, a secure network, secure endpoints, and secure Cisco UC applications.
Physical security – organizations should ensure that their data centers and access to any sensitive information is physically protected from malicious actors. Requiring ID or key cards into office buildings, password protected computers and security cameras are all examples of physical security. With physical access, attackers could get access to server devices, reset passwords, and gain access to switches. Adding additional layers, like network and end point security, on top of physical access is critical in case this first layer of protection is compromised.
Network security – protecting your network is the next layer in a well-rounded security posture and best practices include:
- Separate VLAN for voice and data
- IP Source Guard against spoofed IP addresses
- Dynamic ARP Inspection (DAI) examines address resolution protocol (ARP) and gratuitous ARP (GARP) for violations (against ARP spoofing)
- Configuration of quality of service (QoS) for appropriate marking of voice packets
- Firewall ports configurations for blocking out any other traffic
Endpoint security – getting smaller into the loops of security, end point security is next. Cisco offers tools that come with end point security baked into them right out of the box. Default security features include signed firmware, secure boot, manufacturer installed certificate (MIC), and signed configuration files. Additionally, organizations can take a proactive role in their end point security by adding multifactor authentication (MFA) and encrypting everything from their IP phone services to its media and configuration files. It’s also important to remember to disable tools like PC ports, PC voice VLAN access and web access when they’re not in use.
Application security – protecting applications can be done by enabling mixed mode in Cisco UCM Cloud. Once an organization goes through the steps to allow end-to-end encryption in UCM Cloud, the tool then has the ability to perform encryption of the signaling and media traffic from and to all the Cisco endpoints like Cisco IP phones, Jabber or Webex clients.
Since few solutions are perfect out of the box, Iron Bow and Cisco work in conjunction to bring Cisco’s secure tools to federal and commercial customers while applying Iron Bow’s decades’ worth of security expertise and implementation experience to deploy customize solutions to get the most out of clients’ communication and collaboration tool investment. Unified Communications Manager Cloud (UCM) is powered by Cisco and provides cloud-based unified communication and collaboration applications within a virtualized platform under a centralized management system. This approach reduces costs and easily connects end users on any device, resulting in reduced IT complexity for your organization. Iron Bow’s UCM is easily scaled to any size organization, is flexible and FedRAMP authorized for federal customers. For Department of Defense customers who require an Impact Level 5 (IL5) solution, Hosted Collaboration Solutions for Defense (HCS-D) can be used to provide the full Cisco UC collaboration suite and securely bridge the gap to additional platforms.
For more information on Cisco’s Unified Communications and Collaboration tools, read more here. To see how Iron Bow can help you tailor Cisco’s products to fit your organization’s needs, simple contact us.
TechSource in your Inbox
Sign-up here to receive our latest posts by email.