Natilik Blog

Natilik Blog – read our latest thinking on IT and Communication technology and solutions

Why Cisco Webex Is The Most Secure Way To Collaborate

Laura Keen, Marketing Executive

Collaboration tools, especially video conferencing, have become hugely important for businesses, enabling them to keep in touch with their people and clients globally. However, it’s becoming increasingly clear that security and privacy are of paramount importance when choosing a collaboration tool that’s right for your business.

 

So, why do we believe that Cisco Webex is the most secure way to collaborate, and what are the facts that back it up?

 

Trusted By 95% Of The Fortune 500- Why?

 

Security will never be a trade-off

Webex will never sacrifice security for speed. Cisco place great importance on building bridges between applications, and this couldn’t be truer than within their collaboration portfolio.  The Natilik team understand that many clients have made sizeable investments in products such as Office 365, OneDrive and Sharepoint. All of thesecome with SSO (Single Sign-On) capabilities, but how do we safely link these applications with Cisco? When faced with the question of whether to embed the existing software development kits which sit behind these applications into their own products, or go down a different path, Cisco chose to use the safe and secure method of OS 2.0.

 

Committed to ensuring privacy and security by default

All features within the Webex portfolio are implemented with user-privacy in mind. No data is rented or sold to third-parties, EVER! It should never be the user’s responsibility to have to opt out of their data being shared.This should be  in place by default and is the exact approach that Cisco have taken.

 

Transparency

All Cisco products are built and developed in-line with the Cisco Secure Development Lifecycle (CSDL). This includes privacy impact assessments, proactive penetration testing and threat modelling.

Whilst all threats aren’t completely avoidable, Cisco believe that it’s important that when discovered, threats need to be fixed and proactively disclosed. To ensure this is the case, Cisco work with their own independent security organisation called Talos. Talos sit separately from any product or engineering organisation as a wholly separate entityand oversee the security and privacy for Webex. Any security vulnerabilities they do find are publicly disclosed.  

 

Webex Meetings Security

 

True End-To-End Encryption Is Available

A Webex session is established using TLS 1.2 (Transport Layer Security), and all media streams (Audio, VoIP, Video, Screen Share, Document Share) are encrypted. In normal operation, this is decrypted by Cisco in the cloud (but encrypted from the Webex client to Cisco), to allow functionalities such as recording. However, if full end-to-end security within meetings is something that your business requires, then end-to-end encryption is available to block these functionalities, even in the cloud.

 

No in-meeting content stored

Audio, video and files shared during a session are never stored once you end your meeting unless you have selected the option to record your session. If you do choose to record, the files or transcripts are stored securely and encrypted using AES 256 (Advanced Encryption Standard). Every user will have access to their recordings and will therefore have the power to delete them at any time, with bulk delete also available. 

Another option is to set up retention policies, meaning recordings are only saved for a certain period before being deleted (much like when you delete a photo or a video on an iPhone), in-line with your company policy.

 

Webex Teams Security and Compliance

 

End-To-end Encryption- In Transit, at rest and in use

Webex Teams includes full E2E Encryption of any user generated content, such as messages, files and whiteboards that are created within a space. Alongside this, the search functionality has the same encryption, protected with an encryption key that your business owns and manages. In ordinary situations that key will sit securely in the Cisco cloud, but for added security, you have the choice to store that key on-premise in your own key-management system, completely independent of Cisco. 

 

DLP & Domain Whitelisting

Webex Teams supports collaboration with external parties, a functionality that is easy to control and completely secure. You have the option of either allowing full external communication or restricting that to only certain domains using domain whitelisting.

Regardless of whichever path you choose, any external participants in your spaces follow the organisational securities you have in place, along with any internal parties who enter external Webex Teams spaces.

 

With pro-pack extended security and Cisco Cloud Lock you can also control what is shared or sent within Teams, regardless of whether that user is external or internal. For example, you can block users from being able to send credit card numbers or passport details. Webex Teams can also scan for any file that is marked confidential, and block that send.

 

Built in Anti-Malware and URL Scanning

Anything that is posted into a Webex Teams space is scanned and checked against Cisco TALOS, alongside any links being scanned for malware. Again, this is regardless of whether a user is internal, or someone outside of your organisation.

 

The Legalities

It is incredibly easy to place a legal hold on or perform an eDiscovery of any of the data within Webex Teams, even if the user is remote and outside of your network.  Phone, laptop or guest wireless, it doesn’t matter. Your organisation is secure.

 

Third Party Validations and Reviews

  • ISO 27001
  • 1SO 27018 for privacy data handling
  • SOC2
  • SOC3
  • HIPAA
  • FedRAMP

 

We’d love to offer you a free trial or a demo of all the latest, secure updates to the Webex portfolio, all you have to do is click here to register your interest.

If you have any further questions around what makes Webex the most secure collaboration tool, then please don’t hesitate to get in touch via hello@natilik.com and one of our experts will be in touch.