Dalelorenzo's GDI Blog
16May/210

Webex Ranks Best of Breed in NSA Collaboration Services Guidelines

Recommendations for a Safe, Secure, and Compliant Collaboration Ecosystem

The National Security Agency( NSA) published a adjust of guidelines for “Selecting and Safely Using Collaboration Work for Telework.” The recommendations that estimated 17 collaboration "providers " related a dozen critical criteria for cybersecurity functionality and security assurance to help government employees and organizations draw informed decisions when selecting a collaboration service for the needs and requirements. The goal is to help users “draw down health risks exposure” when conducting business throughout their workday.

NSA Table of Assessments against Criteria

The pandemic brought about a brand-new composite sort of how we work. This sea change has raised new compliance issues that did not definitely exist in the past when design happened in an organization’s building and on lock, internal networks squandering the organization’s manoeuvres. Today, IT Admins need to worry about data protection and compliance while expanding the technology footprint by including off-premises and personal devices.

In an commodity also published today, my colleague Radhi Chagarlamudi discusses how the NSA’s guidelines radiance a spotlight on why organizations need to consider security across the entire collaboration ecosystem. She rightly announces out why presidents need to consider the collaboration works useds fill throughout their day, whether each service is secure, and how IT Admins can manage the ecosystem and address issues as they come up.

Scope and Depth for Security in Collaboration Business

Breadth and depthWhether in the role, at home, or on the go, our approaching to securing maneuvers, material, employments, data, and users is holistic and 360 -degree in nature. We to be used to show those customers by easily integrating with existing identity providers already used in many organization’s environments for consistent application of their policies.

For many years, patrons have entrusted Cisco Webex with their mission-critical collaboration, joins, contents, announcing, and data. They look to Webex to protect their data, help them abide by privacy laws and regulations, and reduce the risk of exposure to contestants, proprietary or sensitive data becoming public, unwanted press, and a bad stature. Webex requires a thickened collaboration programme that helps keep customers’ data lock by making privacy and security the top priority in the specific characteristics, exploitation, deployment, and maintained at our systems, platforms, and works. Webex utilizes multiple technologies, procedures, and units to ensure the collaboration platform fills privacy and security requirements and gives customers a pick of region to store their used content.

Webex has a repeatable and measurable process in its Secure Development Lifecycle. This includes threat sit, assure scheme and coding, vulnerability testing, privacy impact assessments, and third-party security appraisals. We determine and remediate vulnerabilities on an ongoing basis and monitor networks and systems to detect outages, assistance latency, and unusual and illegal the operations and occasions. We also have a privacy program based on “privacy by design” to protect our customers’ Personally Identifiable Information( PII ). The program includes a Privacy Impact Assessment( PIA ), happen response , notice to patrons, and management of subject requests.

Ensure In all the regions of the Ecosystem

The Cisco Webex ecosystem residences core insurance criteria like multi-factor authentication and controlling how collaboration invitations are shared. But we go beyond that. At Webex, where safety is “built-in and not bolted on, ” we add true-blue end-to-end encryption for verse sends, fulfills, file sharing, and screen sharing- all criteria noted by the NSA in its report. While the Webex App supports a rich customer know-how for useds, our arrangements rest assured that the subscribers and organization’s data is secure across the board. Let me spotlit a few examples of how we go beyond in our mission of security and compliance.

Securing Consumers and Designs

To further fasten user access, Webex has automated user on-boarding and off-boarding( SCIM or AD Sync ), single sign-on with customer’s choice of identity provider, multi-factor authentication via Cisco Duo or HOTP Authenticator, standard OAuth 2.0 -based authorization, anonymized used identities, role-based feature access control, and delegated administration.

When using Webex, we too procure the user’s maneuvers. All content created in Webex is encrypted end-to-end -- even the cached content. Our built-in MDM capabilities thru Webex Control Hub ensure secure access for maneuvers, including PIN lock to propel the app, admin controls for document sharing, and the disabling of message notification previews so no one can snoop letters on a locked screen and ability to remotely clean Webex meanings in case of loss of device or theft.

Securing Content and Meetings

End-to-end encryption stops all Webex content secure, including pursuits. Constitutions likewise have the option to store their encryption keys on-premises, providing them ultimate control. With the end-to-end encrypted alternative for sessions, patrons have exclusive regulate of the convene encryption keys, and Cisco and anyone cannot access their find material. We have been doing this for 12+ times and simply announced a new standards-based approaching to Meetings end-to-end encryption that also provides end-to-end validated identity and support for conference room manoeuvres

Differentiated Security built in security

Data Loss Protection( DLP)

At Webex, we’ve designed our ecosystem to help to keep users from compiling misconceptions before they happen. Through our Data Loss Prevention( DLP) facets, organizations can prevent important information from being shared maliciously or inadvertently in congregates or messaging. Constitutions can track see material, words, and documents that are affixed in spaces, move users added to spaces and join attendees, self-control unwanted customers in spaces, and avoided incidental or deliberate sharing of sensitive data and information. Webex is the only collaboration solution that enables customers to use their existing DLP implements and policies for fits recordings and transcripts.

Webex Integrations

Built-in Compliance

With Webex Control Hub, organizations can define their data retention policy for rallies and messaging, including records, highlights, transcriptions, and messaging content. Establishments can easily search convenes and messaging content exercising the eDiscovery search and extraction tool. This solution provides support for any expected cloud insurance compliance certifications and compliance regulations. In add-on, IT Admins are provided with dominances to minimize their risk profile including disabling sharing of folders for high-risk consumers, incapacitating screen sharing, or seeing external and internal communications.

Go Security Capabilities: Cisco-on-Cisco Security Advantage

To extend the security capabilities of Webex, best-of-breed integrated solutions can be quickly deployed to protect an organization’s data as well as the data of its partners. They impede sensitive data leakage and add anti-malware protection and multi-factor authentication.

To ensure users adhere to compliance programmes, Cisco Cloudlock supports visibility into and oversight matters over confidential information stored in Webex messaging with more than 80 existing policies and an ability to create new programmes. Cloudlock can automatically remove data or themes when plan contraventions are discovered , apprise admins, and remove users from spaces.

To help fighting malware attacks, Cisco TalosClamAV scans all files uploaded for Trojan attacks, viruses, malware, and other malevolent menaces. All folders shared in Webex that an organization designates are scanned and remediated, even though they are uploaded by external customers. Infected documents will be commemorated clearly, and end-users will not be able to download them on both organization-managed and personally organized devices. Cisco TalosClamAV searches one billion files daily for over 10 million customers, with 7.2 trillion assaults stopped every year.

Certificate for the Remote Worker

Securing the remote customer and their data will continue to be a prime guiding in the new composite toil representation. Whether consumers are working from dwelling, in shared co-working offices, or remote roles, the same security coverage inherent with on-premises study needs to be extended to these craftsmen in the hybrid sit. To further enhance security for the remote craftsman, Webex has created a cost-effective suite of mixtures for endeavour and SMB makings alike. With Cisco Webex Secure Remote Work answers, services such as fills, messaging, and announcing are secure. But that security coverage extends to endpoints, multifactor authentication, DNS protection, and malware protection for inbound and email.

To learn more about how Cisco Webex is procuring the collaboration ecosystem, you can read more about our Secure Development Lifecycle and the Cisco Webex Security Advantage

Learn More

What's brand-new in Webex: April 2021

Webex: Setting the Standard for Security and Compliance with New Tools to Keep Your Meetings and Content Safe and Secure

Cisco Collaboration Flex Plan Now Includes Cisco Calling Plans and Better Together Security+ Collaboration Offers

Read more: blogs.cisco.com

Comments (0) Trackbacks (0)

No comments yet.


Leave a comment

No trackbacks yet.