Tags: Cisco Cloudlock, Cisco Collaboration Flex Plan, Cisco Secure Development Lifecycle, Cisco Talos, Collaboration Solutions, Collaboration Tools, IT Solutions, Security and Compliance, Webex Control Hub, Webex Extended Security Pack, Webex Hybrid Security, Webex Meetings, Workforce Management, Zero Trust End-to-End Encryption
Many of you are leading through these uncertain times and responsible for helping your business, people and customers stay connected and productive. Our promise to you remains unchanged: We continue doing everything we possibly can to support your remote working and business continuity needs to keep your employees and families safe.
We’re letting video conference systems into our homes in order to work, learn, and communicate. There is a need to make sure that whatever we bring into our home environment is safe. When you use a technology for meetings, you are entrusting your confidential and proprietary information to that platform, so companies must act to protect the integrity of their business, employees, and customers. In the case of healthcare, no one wants their family’s medical records to get in the wrong hands. And, as children around the world continue learning and connecting virtually, we need to make sure they are protected, too.
An increasing number of organizations are taking a closer look at their collaboration solutions as news headlines surface about meetings being hijacked and unsafe security settings put users at risk. Customers want easy–to–use, reliable, secure and trusted solutions.
Cisco has a longstanding commitment to security and privacy, and has invested heavily to build a culture of security throughout the organization. Cisco Webex is backed by Cisco’s rich history and expertise in security — from the network to endpoints, to the data center and extending out to our cloud services.
In my role at Cisco, my team is laser-focused on building security and privacy into Cisco Webex by design. I’m passionate about this topic and wanted to highlight a few of the ways in which we are helping our customers achieve secure collaboration.
Cisco’s Secure Development Lifecycle is foundational to how we build all of our products and is underpinned by our open and transparent approach with customers. Cisco’s Security and Trust Organization works with engineering teams throughout Cisco, including Webex, to build security and privacy into our products using Cisco’s Secure Development Lifecycle that includes proactive penetration testing and threat modeling, in addition to product privacy impact assessments.
Cisco takes user’s privacy very seriously. This is why our privacy governance ensures we publish Privacy Data Sheets and Privacy Data Maps for all our products on our Trust Center. We are proud of our deep history and excellence in our privacy programs and we are compliant with GDPR, HIPAA, and FERPA, among others – and we’re also HITRUST certified.
Additionally, Cisco’s practice is to fix and disclose vulnerabilities, regardless of whether they are found internally or externally by third parties. Our Product Security Incident Response (PSIRT) is responsible for receiving, investigating, and working with engineering to resolve vulnerabilities in our products. Cisco maintains a public policy based on industry standards such as ISO29147 that governs our practices in this space. The goal of these actions is to make our customers aware of potential risks to Cisco products and services so that they can assess and remediate security vulnerabilities in a timely manner.
Cisco helps you secure your users and devices from a single pane of glass in the Webex Control Hub – including SAML 2.0 single sign-on integrations with your choice of identity provider along with many choices of Multi-factor authentication, OAuth authorization, and role-based access controls. In addition, we enable remote wipe on user devices with PIN-lock, in case users’ devices become compromised.
Webex Meetings offers strong encryption by default with an option to enable end-to-end encryption. Years ago, we recognized that some customers (like banks) require it – even though it does limit some of the features of Webex Meetings. So, we offer it as an option to customers, and we give customers control over who in their organization has access to encrypted meetings. It’s up to our customers’ IT Administrators to grant access to those who use Webex for highly classified content that requires end-to-end encryption, versus those who don’t.
Webex also enables meeting passwords by default. Webex gives the meeting host control to prevent unwanted participants from joining meetings via telephone or video devices using PSTN passcodes and Video PINs. Webex offers an option to auto-lock Personal Meeting Rooms (PMRs) immediately after the host joins, or after a specific amount of time after the meeting starts. More than two years ago, we published a full list of best practices on how to secure Webex meetings.
Cisco enables secure cross-company collaboration – with the ability to set up data loss prevention policies that protect users even when they’re collaborating across company lines. We have an ecosystem of compliance, security, and identity management vendors to enhance Cisco Webex Teams and deliver key enterprise-grade features. We also offer the ability for customers to set their own policies for retention, eDiscovery, and Legal Hold.
Cisco also offers extended security options that include Cisco Cloudlock Cloud Access Security Broker (CASB) and Cisco Talos ClamAV anti-malware – they are easy to buy and easy to deploy as part of the Cisco Flex Plan. And, we also offer multifactor authentication with Cisco Duo.
Webex enables users to collaborate freely without having to worry about configurations – it’s secure out of the box so that first-time users are assured they’re safe without having to take configuration training. Webex has built an easy-to-use, integrated, and secure user experience. Whether inside your organization or when collaborating across company lines, Cisco Webex provides an enterprise-grade hardened collaboration platform that keeps you secure by default and protects your data. It’s no wonder that Cisco Collaboration is trusted by 95% of the Fortune 500 and many government agencies worldwide. Watch this video on remote working and the importance of enterprise-grade security:
That’s collaboration without compromise. That’s the Webex security difference. In the coming weeks, look for our Straight Talk webinar series to get the facts about Webex security.