Comprehensive software reviews to make better IT decisions
Cisco Briefs on Latest Security Features for Webex
On May 21, 2021, Cisco briefed on Webex’s security features. Cisco is a market leader in collaboration and communication technology, with several differentiated security advantages. The briefing included not only information on the intricate administration control for end users when using Webex from any device, but also Cisco’s certifications and compliances more broadly.
With Cisco’s Secure X platform, organizations can maintain device compliance remotely. Certain features of device security include forced logout and remote wipe, in-app PIN lock enforcement, and blocked notifications on the lock screen. Organizations can also set parameters for calling controls and data loss prevention (DLP). For the former, users can set voicemail PIN policies, disable voicemail forwarding to email, and call blocking. For the latter, a unified DLP policy can be set for real-time file-sharing through messaging and for meetings and messaging content.
Cisco reinforces these security features with market-leading security certifications. Alongside ISO, SOC2, HIPAA, and FedRAMP, Cisco is also HITRUST compliant, with a DoD IL-5 certification in progress. Organizations can also choose to leverage Cisco’s extended security pack, which includes Talos anti-malware and CASB/DLP; DUO MFA is currently under consideration.
Our Take
After Zoom’s public relations incident over security concerns at the start of the COVID-19 pandemic, collaboration software vendors were quick to emphasize their (stronger) security features to attract Zoom customers. (Let's not forget Cisco’s own frustration with Zoom’s Webex Connector that had a security flaw in December 2019.) While Zoom has made significant improvements since then, Cisco continues to lead with a long history of certifications and compliances. Indeed, Webex was the first collaboration tool to achieve end-to-end encryption in 2008.
Of course, technology can only do so much when it comes to security. A fully encrypted device with MFA will count for nothing if a worker forgets to lock a virtual meeting room or accidentally shares a file with the wrong person. Organizations should of course ensure the technology is secure; but the technology can only be implemented if users know how to leverage it. Organizations should therefore be sure to engage their users with frequent security training to limit incidences that come from remote collaboration.
Source: SoftwareReviews Web Conferencing. Accessed 31 May 2021.