Cisco’s website notes that information sent from a WebEx application to the WebEx cloud occurs through an encrypted channel, that supports the TLS 1.2 protocol (which allows for secure data communications between a browser and the destination server) and uses high strength ciphers (algorithms for encryption and decryption) such as AES-256. The Cisco Webex Security Difference. Security is built into Cisco Webex DNA. Cisco has invested heavily to build a culture of security with the right checks and balances in place. Which is why Webex is built with security from the ground up. Webex chooses the most secure default settings out of the box thereby enabling users to starting.
Encryption. We’ve all heard that word, but what does it mean?
Encryption, in short, is the process of encoding data in a certain way so that it’s not easily understand by people who shouldn’t have access to that data. In the security world, there are two types of encryption that matter. Encryption At Rest & Encryption in Transit. Encryption At Rest means that the data is encrypted as it sits on the servers as well as the payload that gets sent to and from its parties. Encryption in Transit is likely a bit more familiar. SSL (Secure Socket Layer) or TLS (Transport Layer Security) are widely used across the internet and in most (if not all) apps you use on a daily basis. Its the process of encrypting the data in transit as it traverses the “wire” from source to destination.
What is E2E encryption?
Winamp portable download zip. E2E encryption is a method used to protect the data being sent and received from one party to another in a way that limits the ability for only authorized users to access. It prevents eavesdropping by providers and other entities by the use of encryption keys.
What organizations would use E2E encryption?
Local, State, and Federal Government agencies. Schools, Universities, and Health care facilities.
Why does this matter?
Encryption plays a very important role in how we interact with our work colleagues and potential clients with the use of video conferencing software. Without E2E encryption, all video streams to/from the cloud provider can be viewed. With E2E encryption enabled, the provider sees nothing. If your company requires high levels of security or compliance requirements, this is important.
What encryption capabilities does Webex have?
In a normal Cisco Webex Meeting, media streams flowing from a client to Cisco Webex servers are decrypted after they cross the Cisco Webex firewall. Cisco can then provide network-based recordings that include all media streams for future reference. Cisco Webex then re-encrypts the media stream before sending it to other clients. Cisco Webex, like other video conferencing platforms, is not impervious to scrutiny from industry experts and researchers. As recently as January 2020 NIST showcased a large vulnerability present in the 39.11.5 and 40.1.3 versions of Cisco Webex. One big point here is that Webex DOES have E2E encryption capabilities, but not by default. Companies looking to enable E2E encryption must first read the limitations carefully. A good portion of the limitations listed are features you use every day. With E2E encryption, it makes sense why these are no longer available, let’s review:
Limitations:
When E2E encryption is enabled, the following features are not supported:
- Join Before Host
- This is due to the host providing the Encrypted Symmetric Key. No host, no key.
- Telepresence Video End Points (formerly known as Collaboration Meeting Rooms Cloud)
- This is a huge one. The majority of user join meetings from conference rooms.
- Cisco Webex Meetings Web App
- Again, another big one. While I don’t know many users join from the Webex Meeting Web App, this hampers the join experience
- Linux clients
- <crickets>
- Network-Based Recording (NBR)
- NBRs use a form of call forking to create another call leg that gets sent to a server for recording. No key, no recording.
- Saving session data, Transcripts, Meeting Notes, and etc.
- Remote Computer sharing
- The last big issue. Lots of Webex’s are used for sessions that require the presenter giving up their mouse/keyboard to another person. Not possible with Webex E2E encryption enabled.
- Uploading shared files to the meeting space at the end of the Cisco Webex Meetings
- Personal Meeting Rooms
Why the limitations?
Behind the scenes, the Webex host generates a symmetric key using a Cryptographically Secure Pseudo-Random Number Generator (CSPRNG). From there, it encrypts it using the public key that the client sends, and sends the encrypted symmetric key back to the client. The traffic generated by clients is encrypted using the symmetric key. In this model, traffic cannot be decoded by the Cisco Webex server. This End-to-End encryption option is available for Cisco Webex Meetings and Webex Support.
How do I enable E2E encryption for my site?
Make End-to-End Encryption Mandatory for Cisco Webex Meetings
| 1 | Sign in to Webex Site Administration and go to Configuration > Common Site Settings > Session Types. |
| 2 | In the Session Code column, click the link for each of your site’s custom session types one-by-one, and check the End-to-End Encryption check box. Then select Update. For any new custom session types that you create, be sure to check the End-to-End Encryption check box. |
| 3 | After you update the custom session type, check the Default for New Users check box for the session type you just updated, and select Update. |
Make End-to-End Encryption Optional for Cisco Webex Meetings
| 1 | Sign in to Webex Site Administration, go to Configuration > Common Site Settings > Session Types. |
| 2 | In the Session Code column, locate the primary session type you want to create a custom session type for. |
| 3 | Select the Add session type for <session type> link. |
| 4 | Enter a name for the custom session type. |
| 5 | Check the box in the Features column next to End-to-End Encryption and select Add. |
| 6 | To enable the session type for specific users, go to User Management > Edit User and check the box for those users under the session type you just created. Those users will have the custom session type available under Meeting type when they schedule meetings using the Advanced scheduler. |
Why Cisco Webex?
Cisco Webex offers a medley of different options to enable your users (who need it) to use E2E encryption on an as-needed basis. Whether your users are scheduling Happy Hour COVID-19 this week or a super secret board meeting requiring E2E encryption, feel good in knowing that while limited in capabilities when enabled, Cisco Webex is fully transparent in what it can and can’t do.
If you have any questions or concerns, please reach out to alutz@cloverhound.com. Thanks!
Teams E2e Encryption
Is the rule of seven a real thing? Does it really take hearing something seven times before it sinks in and makes an impact or a change?
How many times have you heard the term ‘customer lifetime value’, nodded your head thinking it’s important and moved on? Lifetime value (LTV) isn’t a new concept, but it’s amazing how many books have been written on the subject and how many companies have not used its theory in their business strategy.
Think about it this way, if you sell and move on, that’s a one-time deal. If you take the time to learn what the customer liked and in some cases, didn’t like, you can improve their experience at every touch point.
It is our job to guide our customers through this new digital transformation age. It is then more likely that a happy customer will be a repeat customer.
Somewhere special, in the heart of the Alps, I meet with someone whose job is to set the innovation pace with customer interactions using Cisco Webex Calling. Francesco Iarlori is head of innovation and digital strategy at Halldis, a specialist holiday dream maker – renting insta-worthy apartments across Europe.
We sat down in a new build chalet resort getting ready for this year’s ski season. So, what’s the secret to great customer experience and making holiday dreams come true?
Turns out there’s a few.
Go the extra mile
“When you travel for leisure, you want the usual amenities – and of course we provide them. But we want to extend our personal touch to all aspects of the customer experience: cultural, social, gastronomic and more”, says Iarlori.
Often when people book a holiday, they may have not visited that country before. Halldis make it a priority to keep in close contact with their customers and learn what they are most interested in doing when on holiday.
Is Cisco Webex Safe
In the resort we are currently sitting in, there are Webex devices set up in the apartments which allow for renters to talk directly to Halldis if they have any questions or concerns. This is particularly helpful if they are staying for an extended period of time.
How Safe Is Webex
Using Webex, Customers can easily send an IM or jump on a video call to ask us about nearby transportation, events they should attend or local food they highly recommend. They can have an omnichannel experience and choose whatever platform they feel most comfortable using.
Be a human
It’s easy to get caught up with new technologies such as artificial intelligence. But it’s how we use this technology to provide better human experiences that matter. For example, with natural language detection, customers all across Europe can be routed to the correct person or agent within Halldis who can help in their native language.
Using cognitive collaboration capabilities allows agents to learn more about their customer by simply viewing their profile in Webex. Seeing that your customer studied history, the agent can suggest a close by natural history museum they may find interesting. Or if they have a Labrador, a local dog park nearby.
Iarlori goes on to say, “we are radically changing the way we live and the way we interact with technology. But we don’t need to just speak with technology. We need to speak with humans.”
Iarlori explains these are true differentiators between a one-time sale and achieving customer lifetime value.
We left the chalet resort and walked to a local family Italian restaurant with the Halldis team before driving back to Milan to see some more of their luxury apartments in the heart of the city.
How the Halldis team planned our trip to visit them was the epitome of what we discussed with Francesco and his team. Cisco anyconnect secure mobility client download windows 64 bit for older video cards. They even went the extra 200 miles to bring us to their new resort in the Alps!
To see more about Halldis and how they use Webex to facilitate real customer interactions, watch the video here.
Tags:Webex Teams Security White Paper