Secure Customers (and Their Business) via Your System's Inherent Design

Secure Your Customers (and Their Business) Through Your System’s Inherent Design

Written by Robert Cooper
November 11, 2021

Stop relying on VPNs and add-ons to keep clients safe and build security into system architecture.

Robert Cooper

It shouldn’t be news to managed service providers that security is a top priority for any unified communications and collaboration (UC&C) installation. System intrusions, ransomware and malware are growing more rampant by the day, and smart hackers know that a business’ communications system is often the simplest route to personal data. Any time a security breach does happen, it’s the systems integrator who’s left on the hook, making it all the more crucial to get everything security-related right from the start.

Even with these drastic circumstances, most MSPs fail to implement security in a truly effective way. Far too many professionals are still relying on virtual private networks (VPNs), session border controllers (SBCs), or dedicated hardware devices or software apps that govern the way phone calls are handled on voice over Internet Protocol (VoIP) networks, and other external add-ons, which puts customers’ systems at risk in two main ways.

How External Measures Fail

First, these external measures fail to balance secure protocols against the user experience. Yes, you want your customers to not fear eavesdropping or hacks — but just as much, you want them to feel free in using their solution, unbound by standards that may inhibit their experience. With external systems, this falls by the wayside, be it due to clunky logins for VPNs or add-on programs bringing extra bulk to day-to-day usage. So, either the end-user gets fed up with the system and switches providers, or they find a work-around and leave the system vulnerable.

Second, VPNs and their like aren’t effective ways of keeping up with changes. As businesses shift work habits, the communications system has to change alongside the company, but with security as an add-on, keeping data safe is a game of catch-up, with the MSP forced to build new walls around the system as it alters. On the flip side, changing threats make it necessary to update security measures, which in the case of external protection is difficult due to just how complex it is to reconfigure security add-ons.

The root problem is conceiving of security as something to be slapped onto a system after the fact, like duct tape trying to hold up the foundations of a shaky house. The only way out here is by using a system with secure-by-design architecture.

Defining ‘Secure by Design’

A solution being “secure by design” means it operates securely through its inherent architecture, not thanks to external add-ons and not because every end-user is implementing security best practices. Here, there are no measures that get in the way of the experience, and there aren’t any protocols that users can disable. The security is embedded into the system itself and how the whole of it functions.

A system of this nature is achievable through existing technology, primarily WebRTC (Web Real-Time Communication functions that enable voice and video to work inside web pages), and up-to-date Transport Layer Security (TLS) standards for encryption. Through these technologies, users get a system where connections are verified as secure automatically, so that end-users don’t have to worry about adhering to strict standards when they collaborate. This is a system that encrypts messages as they’re sent, works through peer-to-peer instances, and keeps exchanged files and recordings secure at all times.