Podcast: Unified Communications Security in a Web 2.0 World
By Kailash Ambwani, president and CEO, FaceTime Communications
At the heart of Unified Communications are a core of real-time services such as instant messaging, chat, IP telephony, video conferencing, and of course e-mail. However, these enterprise-deployed platforms do not exist in splendid isolation. Today's Internet relies on a new generation of Web 2.0 applications that co-exist alongside the corporate UC platform. Made up of thousands of generally user-deployed tools -- from IM, P2P, social networks, VoIP and video conferencing – the New Internet brings a myriad of challenges to the UC platform deployer. Centrally securing and controlling both the UC platform (whether that's Microsoft OCS, IBM Lotus Sametime or Cisco UCM) and allowed Web 2.0 tools – maybe Skype, Twitter and GoogleTalk -- is key to a secure, compliant Enterprise 2.0 deployment.
In the good old days, when instant messaging came on the scene and FaceTime began securing and managing online conversations, there were few thoughts of an enterprise platform and the risks created by running uncontrolled publicly available Web 2.0 tools alongside UC. Today, tools such as Skype, Windows Live, Twitter, and GoogleTalk -- along with online tools for file transfer, video, and screen sharing -- share the same bandwidth, the same network space, and reside on the same desktops as enterprise-grade Unified Communications tools such as Microsoft Office Communications server, IBM Lotus Sametime, and Cisco. This converged space is a mash-up of enterprise deployed tools and Web 2.0 tools that 53% of end users believe are better than “those that my employer officially provides." It calls for a new set of unified management tools that can monitor, filter and archive online conversations to prevent data leaks and block malware.
In a Web 1.0 world, CIOs opted to block undesirable Web traffic and URLs to protect their networks. But with the increasing integration of UC and public tools – along with a social media explosion -- corporations find that they need to promote customer and market interaction using public Web sites such as Twitter, LinkedIn and Facebook. They must do this in a secure way. Organizations are choosing to deploy UC gateway connections to public IM networks or federate with customers, suppliers and partners to improve collaboration and communications. Business and individuals alike are seeking new ways to find and do business. Financial services professionals, for example, find they can attract more and better quality customers through social media sites like LinkedIn. Likewise, HR managers understand that the next generation of employees will expect social media to be an extension of their profession. The launch of Microsoft Outlook's Social Connector is a further step towards the conjoined Web2.0 and Enterprise 2.0 world.
Increased access and connections to external parties, in a drive for collaboration, productivity enhancements and cost savings comes with risks. Data leaks are an increasingly common threat, not because of an increase in malicious users, but because of an increase in the channels through which employees can innocently expose sensitive corporate information. Consider, for example, the HR department that uses a public IM platform such as MSN as a departmental communications platform. They may innocently send Social Security numbers via IM to look up employee records. Or consider the sales rep who asks his LinkedIn network for help preparing a confidential bid. Both are innocent errors, but they will be prevented if the appropriate UC data filtering is in place. And the same data filtering can be deployed for all UC channels to block sensitive information before it leaves the corporate network.
And these same tools need to be able to log and archive these conversations for regulatory and e-discovery purposes, which are an increasingly necessary (and potentially costly) requirement for organizations. Revisions to the United States Federal Rules of Civil Procedure in 2006 made electronic discovery rules much stricter. Electronic conversations, too, including e-mail, IMs, and even Twitter and Facebook postings are considered part of the data traffic that have to be captured as part of e-discovery. According to recent research from the Aberdeen Group, the cost of non-compliance can be dear: from $1.1 million for HIPAA and $2.1 for Sarbanes-Oxley violations. That's why all corporations are looking for new tools to not only manage their UC traffic, but capture and archive it as well.
Today's Unified Communications requires a unified management strategy that encompasses all channels of communication – those provided by the corporation, sanctioned public tools -- and rogue traffic as well. The objective is to not only block and control access. The goals also include filtering monitoring data traffic to promote secure interaction and archiving conversations for e-discovery. With a consolidated strategy, you can manage the conversation, no matter where it takes place in your network.
Kailash Ambwani is president and CEO of FaceTime Communications, the leading provider of solutions enabling the safe use of Web 2.0 and Unified Communications in the enterprise. Ambwani is a successful entrepreneur with more than 18 years in consumer and enterprise software and services. In addition to FaceTime, he has worked with such companies as Genesys, Astound Incorporated, Gold Disk Inc., and other startups. He holds a Master of Science degree in Theoretical Astrophysics and a Bachelor of Science degree in Theoretical Physics from McMaster University.