The importance of encrypting your everyday company communications
In 2015, a WIRED contributor made the bold case that the most secure consumer device was an Apple iPod Touch. He highlighted its combination of a highly vetted software ecosystem and a lack of cellular network connectivity, but made a lot of caveats along the way. For starters, it needed to be physically secured, kept up to date, and used in tandem only with encrypted communication apps.
While the author’s overall recommendation to keep using an iPod is impractical for many professionals, the argument’s basic points about encryption are worth noting:
Data encryption technology is essential for shielding sensitive interactions from unwanted surveillance and interception.
At the same time, it must be combined with acceptable security practices, such as proper handling of keys, scalable update or patch management, and access controls.
With the rise of video conferencing, cloud workspaces, and distributed Software as a Service (SaaS), ensuring acceptable encryption has become a process that is both higher stakes and more complex than before. There are new risks to manage across a growing number of applications and devices, along with converging platforms that can help simplify protection.
The risks of unencrypted and otherwise unsecured communications
Lack of encryption has long been a major enabler of data breaches, as shown by the numerous incidents in which health records were lifted from unencrypted hard drives. The dangers of transmitting and storing information in plain text are not always so overt, though.
Consider the case of popular encrypted communication apps, especially ones built for mobile devices. They might conduct automatic cloud backups that store unencrypted data on third-party infrastructure, or share information with parent companies and law enforcement. These are subtle vulnerabilities requiring dedicated attention to how each vendor secures data in-transit and at rest, including its practices for data center security.
Encrypted communications are also only as robust as the stewardship of the keys as well as the administrator accounts necessary for managing them. For example, end-to-end encryption (E2EE) can be set up to not only encrypt all contents of a video meeting, but also limit encryption key access to the meeting’s host and attendees. This extra step dramatically reduces the risk of a key falling into the wrong hands and jeopardizing company data and identities.
Threading the encryption needle with a secure messaging and conferencing solution
E2EE encryption has gained prominence recently as bodies such as the European Parliament have recommended its use in all electronic transactions within the EU. It’s one option among many in modern business messaging and video conferencing platforms like Cisco Webex Meetings, which implements multiple layers of security for safe encrypted communications without compromising user experience.
Data encryption technology is not an island. It requires support from other security measures – such as administrator tools for enforcing strong password security or limiting meeting access to specific accounts. Cisco WebEx Meetings combines multiple built-in protections to meet your specific requirements for secure communications that enhance your team’s productivity.
Feb 25, 2021 — Chris Capasso, Matt Spool, Thomas Vidgar & Damien McCoy
Feb 25, 2021 — Bobby McGonigle & Enrico Conedera