Collaboration without compromise: A security-first approach to telework
April 24, 2020 1:00 pm
3 min read
This content is provided by Cisco.
As government agencies transition to remote working, leaders at every level are taking a closer look at the tools they must rely upon to do so. As this scrutiny mounts, so does the realization that both security and privacy are fundamental needs for government organizations.
As part of Cisco, one of the world’s leading enterprise security providers, Webex® is trusted by 95% of the Fortune 500 and over 2000 government agencies. And, as a FedRAMPSM Authorized solution, Webex provides government a robust, industry-leading, cloud-based real-time video meeting solution that adheres to stringent Federal security requirements. In doing so, it reflects our guiding principle – Collaboration without Compromise.
With this in mind, we’re committed to helping government agencies like yours address remote workplace productivity, connectivity, privacy and security in three distinct ways.
At Cisco, security is never a tradeoff for convenience or speed
App developers often like to provide users the convenience and simplicity of single sign-on (SSO). When implemented correctly, SSO can also be secure. For example, multi-factor authentication protects identity provider credentials, without asking a user to create yet another password. Vendors with broad consumer adoption, including Facebook, Google, and Microsoft, all offer many ways to easily leverage their excellent SSO capabilities. The Facebook Software Developer Kit (SDK) offers a simple way to integrate SSO with sign up and login flows. Facebook also makes it clear what data this SDK collects – and offers the option to disable data collection if a developer chooses.
When our application designers were integrating SSO with services from Facebook, Google and Microsoft, we faced two choices. One choice (the fast and easy way) was simply embedding these SDKs. But we chose another path: following the standard and secure method of OAuth (an open standard for access delegation). This keeps Cisco Webex secure and private without sacrificing speed. It’s a unique approach that has allowed us to build a trusted industry-leading brand for government use.
Cisco applies proven processes for built-in security and privacy
Software developers have many choices when building solutions. For example, an enterprise-class software development organization may implement a secure software development lifecycle (SDLC) with checks and balances to deliver secure, quality solutions.
But quality is measured by more than just if a product works – it’s also measured on how it works. That’s why at Cisco, our SDLC helps us develop products with a foundational security built-in. And why we also develop long-standing practices to help maintain your agency’s privacy, such as making opting-out of sharing data the default.
Cisco is transparent
The other critical factor of product security is transparency. Whenever vulnerabilities arise, it’s critical to remediate them immediately and then proactively disclose them. That’s why Cisco discloses all security vulnerabilities, including those we find in our own penetration testing.
We achieve this high level of transparency by having an independent Security and Trust organization separate from our product engineering. These checks and balances require corporate-wide investment and commitment to security. This reflects our commitment to transparency for security and privacy in our products and services for government.
Security and privacy are fundamental – protect them
As government agencies transition to remote working, they must leverage existing partnerships with their trusted private-sector partners. Your agency can do this by leveraging Cisco’s FedRAMP Authorized Webex solution to empower real-time video and information sharing that is protected by industry-leading security.
At Cisco, we’re uniquely positioned to help your agency maintain continuity of operations and even enhance your productivity while doing so. You can achieve it by deploying the Enterprise level unified communications and collaboration offered by Webex. And it’s all backed by Cisco’s decades of experience as a reliable and trustworthy partner with government.
For more information about how Cisco can help your agency meet their business continuity requirements, including practical advice and guidance around teleworking solutions, visit this page.