Stop relying on VPNs and add-ons to keep clients safe and build security into system architecture.

November 11, 2021

5 Min Read
Secure Your Customers (and Their Business) Through Your System's Inherent Design

By Robert Cooper


Robert Cooper

It shouldn’t be news to managed service providers that security is a top priority for any unified communications and collaboration (UC&C) installation. System intrusions, ransomware and malware are growing more rampant by the day, and smart hackers know that a business’ communications system is often the simplest route to personal data. Any time a security breach does happen, it’s the systems integrator who’s left on the hook, making it all the more crucial to get everything security-related right from the start.

Even with these drastic circumstances, most MSPs fail to implement security in a truly effective way. Far too many professionals are still relying on virtual private networks (VPNs), session border controllers (SBCs), or dedicated hardware devices or software apps that govern the way phone calls are handled on voice over Internet Protocol (VoIP) networks, and other external add-ons, which puts customers’ systems at risk in two main ways.

How External Measures Fail

First, these external measures fail to balance secure protocols against the user experience. Yes, you want your customers to not fear eavesdropping or hacks — but just as much, you want them to feel free in using their solution, unbound by standards that may inhibit their experience. With external systems, this falls by the wayside, be it due to clunky logins for VPNs or add-on programs bringing extra bulk to day-to-day usage. So, either the end-user gets fed up with the system and switches providers, or they find a work-around and leave the system vulnerable.

Second, VPNs and their like aren’t effective ways of keeping up with changes. As businesses shift work habits, the communications system has to change alongside the company, but with security as an add-on, keeping data safe is a game of catch-up, with the MSP forced to build new walls around the system as it alters. On the flip side, changing threats make it necessary to update security measures, which in the case of external protection is difficult due to just how complex it is to reconfigure security add-ons.

The root problem is conceiving of security as something to be slapped onto a system after the fact, like duct tape trying to hold up the foundations of a shaky house. The only way out here is by using a system with secure-by-design architecture.

Defining ‘Secure by Design’

A solution being “secure by design” means it operates securely through its inherent architecture, not thanks to external add-ons and not because every end-user is implementing security best practices. Here, there are no measures that get in the way of the experience, and there aren’t any protocols that users can disable. The security is embedded into the system itself and how the whole of it functions.

A system of this nature is achievable through existing technology, primarily WebRTC (Web Real-Time Communication functions that enable voice and video to work inside web pages), and up-to-date Transport Layer Security (TLS) standards for encryption. Through these technologies, users get a system where connections are verified as secure automatically, so that end-users don’t have to worry about adhering to strict standards when they collaborate. This is a system that encrypts messages as they’re sent, works through peer-to-peer instances, and keeps exchanged files and recordings secure at all times.

Becoming More Reliable

More important than the “how” of this setup are the results, which improve business for end-users and MSPs alike.

This setup keeps systems more secure at all times, especially in a …

… modern business context. Now that communications systems have moved beyond just phones, security has to apply to any device businesses connect to the internet, from computers to Internet of Things tools such as video doorbells. Using that secure-by-design setup, all of these devices are reliably secured just by working over that safeguarded network. Thanks to native encryption measures and reliable connections, anything connected to the secure-by-design system is itself reliably safe.

A secure-by-design system helps the MSP when it comes to expanding a customer’s communication capabilities. Anyone who’s been paying attention to the current market knows that work has moved to outside the office, with demand for smart working still around well after pandemic-related lockdowns. Under conventional measures, getting a remote system set up securely takes excessive time and sweat: VPNs, external privacy settings and more have to be bolted on before the user sees even a second of use.

However, if the system is secure by design to begin with, expanding it is no problem. With this setup, the same security that users get within the office goes with them outside the office, as they’re still on that secured system. This translates to less time on the MSP’s end spinning up the system, and less time on the customer’s end waiting to launch smart working in full.

Takeaways for the MSP

In terms of immediate value, then, MSPs stand to gain an easier job maintaining solutions with systems that are secure-by-design. Such a system grows and changes without requiring much effort, but any required patches or hotfixes can be applied at a foundational level, making the update process cheap and painless.

In an online environment rampant with threats, end-users need reliable security and MSPs need an easier way to provide it. For both sides of a UCC setup, it’s vital that data protection be a core pillar of the system itself.

Robert Cooper is the managing director Americas at Wildix, a global provider of unified communications solutions that enhance the security and functionality of digital business communications. He has experience in bringing new concepts to market through the channel and is well-versed in how new market models and technologies affect the channel today. You may follow him on LinkedIn or @Wildix_ on Twitter.

Read more about:

Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like