Posts by Category

Securing users and devices in Webex

Common security challenges with users and devices

Today there are too many security challenges to the applications used by organizations, and many different vectors need to be secure:

  • User identities
  • Content
  • Devices
  • Transport

Security challenges to the applications.

The way that we protect the applications is crucial. We need to protect the application access, but also the identity of the user.

It is the job of the IT manager to prevent rogue agents from hijacking user identity and have access to all the different resources that the user is entitled to.

Identity theft has been identified in the Verizon 2019 report as the most common data breach, and if we add phishing attacks and stolen password, we get more than 50% of them. (1)

Breaches. Top threat action varieties in breaches

Protecting user identity

IT departments already understand that passwords are no longer an efficient way of protecting user identity.

It is difficult to manage application access based on passwords, as there are too many challenges:

  • Strong password complexity makes them hard to remember
  • Passwords should be unique to each app, which make them hard to remember
  • Passwords should rotate often which makes them difficult to manage and remember
  • Password manager web utilities can also bring security breaches

When deploying Webex, Cisco always recommends that our customers deploy it with a stronger authentication solution; at the same time, we recommend that the devices where Webex applications run are secure.

Strong authentication solution

Many customers want to enable all their applications with stronger authentication. Organizations realize that identity theft is the biggest security concern, and the traditional mechanisms for authentication are no longer effective.

Our customers talk about multifactor authentication (MFA), which means that their users need to provide two different types of authentication. There are three types of authentication mechanisms:

Strong authentication solution

Many vendors deliver these kinds of solutions; normally, we see them associated with Identity Provider (IdP) solutions. Those authentication policy servers, enforce the right authentication policy based on the different factor (location, application type, device type, etc.)

Today there is another trend in the identity market, where authentication mechanisms are people-centric and follow the Zero Trust mode. This allows secure connections to all applications (whether on-premises or in the cloud) based on the trustworthiness of users and devices. The Zero Trust mode enables the customer’s IT to set and enforce risk-based, adaptive access policies, and get enhanced visibility into users’ devices and activities. This concept is also known as Adaptive Authentication.

Cisco Webex right architecture

Cisco Webex has the right architecture to support the Zero Trust mode and allow secure connections based on the trustworthiness of users and devices.

Device validation and health

Device Validation and Health

Device assessment is a must in today’s organizations, identifying risky devices, enforcing contextual access policies, and reporting on device health.

Today organizations are mandated to follow many compliance goals, and they can achieve most of those using device access policies.

Verifying device health before granting access, to preventing exposing your applications to potential security risks is one of the best practices in modern application deployment models.

There are multiple types of devices that an organization’s users utilize every day when they use collaboration tools. Some of the devices are managed by the IT department, which already delivers some security insurance – but it isn’t enough. Some are unmanaged and owned by the employees, which brings interesting challenges from a security perspective.

Corporate managed devices/applications

CorporateManagedDevices:Applications

Normally there is a mix of solutions that can be used for corporate or managed devices, depending on the device type.

Some organizations use MDM/MAM for mobile devices, which allows them to create policies for the corporate application, for example:

  • Forcing PIN-lock
  • Preventing copy and paste
  • Disable screen capture
  • Remote wipe
  • Preventing tampering with devices
  • Requiring a minimum version of OS
  • Support for ECM
  • Requiring a minimum version of the corporate application

But since IT departments don’t manage only mobile devices, we also need to find a solution for desktops, and there we need to make sure that the corporate – managed applications are also aware of the security policies, and those apps could be aware of features like:

  • Versions of Browsers
  • OS versions and type
  • Disk encryption
  • Status on OS, Browsers, and Plugins
  • Firewalls
  • Anti-Virus and Anti-Malware

The protection of the application can be done by using the validations when the user logs in to the applications or during the application usage. The right mechanism, method, and deployment model needs to be chosen by IT administrations when they are in the deployment stage of those applications. The application vendors need to support any policy defined by the IT departments of those customers.

Cisco with Webex Collaboration doesn’t mandate any security strategy to protect the application, but we can integrate with any policy defined by our customer.

It is important that any application that deals with all the IP (Intellectual Property) produced by a company can follow all the policies that exist for devices and applications.

Non-managed devices

non managed devices

Devices that are owned by the users should not be excluded from the usage of a collaboration application. Examples of that are home computers, personal tablets, and mobile devices. Those devices are especially relevant in scenarios of working from home.

That is why corporate applications need to do extra check to make sure that they follow the minimum-security requirements imposed by the company security policies, for example:

  • The device has the firewall turned on
  • The device has an endpoint security tool, to protect against malware and viruses
  • The device doesn’t have a tampered OS

Normally these kinds of policies, for devices that are unmanaged, need to be enforced at login time.

Device/application visibility

Device:Application Visibility

One of the fundamental principles of good security is to understand your environment. But as environments get more complex with increasing reliance on cloud applications, bring-your-own-device (BYOD) allowances, and mobile and remote work, it’s progressively more difficult to gain that understanding.

For IT administrators, it is important that they have visibility on what devices each application is running; they also need to have visibility on the major characteristics of those devices.

Endpoint visibility also helps you understand and track important user behaviors such as how quickly end-users update their operating systems, browsers, or plugins. It also builds an understanding of when and how frequently end users log into work applications from their personal devices. Tracking these behaviors not only helps you set informed access policies but also helps tailor a more empathetic approach to different groups of users.

When it comes to security, trust Webex

Whether it’s the security of the Webex application itself or securing the devices that connect to it, Cisco Webex has security and privacy built into its DNA. Cisco has invested heavily in building a culture of security with the right checks and balances in place. Webex chooses secure default settings out of the box, thereby enabling users to start collaborating freely without having to worry about configurations. At the same time, Webex delivers a great user experience – one that doesn’t compromise security. That’s collaboration without compromise. That’s the Cisco security difference.

To learn more about Security and Compliance settings, go to the Cisco Webex Control Hub web page.

Resources

(1) Verizon 2019 report

Learn More

Administrators’ 3-step guide to managing devices remotely

Collaboration Without Compromise: A Security-First Approach to Remote Working

The World Has Changed — Security Should Transform to Stay Ahead

Read more
Modern business office with multi-ethnic team
What communication rules should you include in your startup business plan?

When you’ve just launched a startup or are working for one, there are a million things to do to get the organization on a sustainable trajectory. Market research, competitor analysis, financial projections, plus more mundane tasks such as finding office space and drawing up remote work policies – it’s all essential for starting a successful business.

The importance of having a startup business plan

Writing a business plan which addresses all of the above tasks might seem like more time and effort than it’s worth for startups already overwhelmed with simply recruiting employees and finding investors. But it pays off. 

A survey by Palo Alto Software found that startups that had completed a full business plan saw superior growth and had an easier time securing loans and investment capital than ones that hadn’t. Such improvement is critical in the highly competitive startup space, in which failure is routine. According to the U.S. Bureau of Labor Statistics, only 56% of all small businesses started in the year ending March 2014 had survived until March 2018

As you think about your startup business plan, it’s important to pay attention to the financial needs of your organization (e.g., how much cash flow it will have to generate to be sustainable), as well as to technical requirements, like what collaboration software employees will benefit from. Let’s look at everything a typical business plan template should include.

1. Executive summary

You’ve heard the term “elevator pitch.” The executive summary of a business plan is sort of like that: It provides a top-level overview of the entire document and is in effect a mini plan. 

It should only be 5% to 10% as long as the full plan, be written in short sentences and paragraphs, and briefly cover all the sections in the plan. Its audience will usually be banks and investors deciding whether to extend capital. Since it’s a summary, it will likely be completed only after the details below have been finalized.

2. Mission and objectives

Different types of businesses have different goals, whether that’s pioneering an all-new product or service or breaking into an established market. At this stage, you’ll want to introduce the startup in more detail by describing:

  • The organization’s core mission, vision, and goals.
  • What will set its offerings apart from what’s already out there.
  • What need it will fulfill and the markets it will target.
  • Where its operations will be based and which regions it will serve.
  • Where it currently stands, i.e what it’s already achieved.
  • What will be necessary for sustaining short- and long-term success.

Answering these questions will not only clear things up for would-be investors, but also give you insight into what you’ll need to invest in, like software. 

For example, let’s say you determine that you’ll sell to clients across the country, relying heavily on a team of mobile and remote workers. This might be a good sign that it’s prudent to invest in real-time collaboration tools like a video conferencing solution that can provide richer, more lifelike interactions between teams than a simple call or email would allow.

3. Product and service portfolio

Pretty straightforward: Include a full compendium of all of your products and/or services in this part of the startup business plan. Explain how they work, what stages of development they’re at, and how much they might cost. Include any relevant diagrams and supporting materials that flesh things out. 

Effective product rundowns make a huge difference in how investors will perceive the value of what you’re offering. Plus, getting them right at this early stage will help you develop clear product content like online descriptions, too. Almost 90% of customers video conferencing solution

4. Market analysis and planning

This is where things become even more granular. This phase establishes that your business idea is actually viable, via thorough analysis of your startup’s marketing plans, along with its targeted markets, customers, and competitors. How you actually conduct such due diligence will vary depending on your mission, but common action items include:

  • Performing SWOT (strengths, weaknesses, opportunities, threats) analysis.
  • Determining the total addressable market for the product or service.
  • Explaining how the offering will be branded and marketed to customers.
  • Describing the demographics and personae of those customers.
  • Setting a budget for marketing and advertising.
  • Figuring out which sales channels to use.

You should also consider how your customer profiles and marketing plans will influence your technology strategy. If you are a B2B organization selling software, for instance, then holding video conferencing meetings can be a useful way to connect with leads in real time, demo the product with screen sharing, and build the high-quality connections that convert into sales. 

5. Operational and financial projections

Your startup business plan must offer clear insight into how the organization will operate and what type of cash flow it can be expected to generate. Pivotal points to cover are:

Operational:

  • How much office space will it need, and where.
  • Employee locations and headcount.
  • The hardware, software, and IT services it will require.
  • The structure of its supply chain.
  • Current logistics and distribution plans.
  • Legal and accounting needs.

 

Financial:

  • Current income and expenses.
  • Breakeven analysis, i.e. what must be sold over a given time period to cover the costs of doing business.
  • Past financial statements, if available.
  • Projections for the next year or multiple years.
  • Startup costs.
  • Capital needs and loan/funding requests.

 

There are many ways to reduce your startup’s estimated costs en route to being able to present a more sustainable picture of your operation. Remote work is one good option, as it reduces your need for office space and for expensive travel as well, if real-time collaboration software is in place to seamlessly bring employees together regardless of their physical locations.

6. Management structure

Startup founders often choose to run a somewhat lean operation early on, with only a few employees and minimal overhead. Still, it’s important to detail everyone involved in the company’s operations, including the full executive team, plus any shareholders, consultants, and advisors. That gives investors and partners an idea of who they’ll be interacting with and how much experience they have in the field, which can influence their decision on whether to fund the startup and, if so, at what amount.

Don’t skip making a startup business plan

This business plan example template covers the most common bases. It can literally pay dividends to create a well-structured and detailed startup business plan, since doing so will help convince others to fund your company and ensure you have the resources to start off on the right foot. The time spent creating the plan will more than pay for itself once your company secures funding or a loan.


Interested in learning more about video conferencing solutions? Try the Webex Free offer today.

 

Read more
Cisco Meeting Server 2.7 Feature Release
Cisco Meeting Server 2.7 Feature Release

Your work days are jam packed, and it is crucial that you have all the collaboration tools and features you need. With the new Cisco Meeting Server 2.7 release, you have two new key features:

  1. Updated online meeting management capabilities
  2. A modernized CMS scheduling experience.

CMS Release 2.7 brings increased meeting management to your on-premises solution with:

  • Pane Placement: Pane placement using Cisco Meeting Management, allows you to choose who goes where in video layouts. With the new pane placement feature, the CMM operator has the ability to hand pick where the participants show up in the meeting layout. For instance, for video conferencing meetings with strict hierarchy, the meeting host can place the most important participant in the top left corner and so on. It locks the participants in a set location for the duration of the meeting.
  • Self-View: The self-view feature allows the presenter to see themselves in the layout, which is great for lectures and emergency response use cases where you want to ensure every site sees exactly the same layout.

TheCisco Meeting Server 2.7 release also modernizes the scheduling experience with CMS:

  • @MeetScheduling with TMS: Office 365 or Google Calendar customers can now leverage Webex Hybrid Calendar Services with TelePresence Management Suite (TMS) for a modernized scheduling experience. When scheduling an online meeting, add the keyword @meet to the location field. Include an on-premises registered video enabled end point for the one-button-to-push, easy join experience. When using @meet, the email invite will include the “how-to-join the meeting” details from any video device, Jabber, WebRTC, or telephone.

The Cisco Meeting Server 2.7 release continues our focus on quality and interoperability with:

  • Skype for Business RDP content quality improvement: Improvements to RDP content sharing enable faster sharing while using less bandwidth for a better meeting experience

For more information about Cisco Meeting Server 2.7 release read the release notes here. For Hybrid Calendar Services see this what’s new page.


Try Webex Meetings for free today.

Read more