I had the pleasure of participating in the Oct 14 webinar with Twilio, Securing Cloud Communications for the Enterprise, now available for viewing on demand. Here's a little taste of the subject matter we explored:
We have come to embrace cloud delivery for many critical business services and understand the value the cloud provides. On the surface, carrier SIP trunks may look like a cloud service because they are delivered via an IP-like connection, but when you dive in, you find that they don't share the typical benefits associated with established cloud services such as Salesforce, Yammer, and ServiceNow.
In contrast, SIP trunks delivered via the cloud are able to offer the same benefits of other cloud services. This is because they are not encumbered by a legacy TDM infrastructure that precludes many of the expected benefits of a cloud solution.
When I personally think of the cloud, I begin by picturing elastic services that are delivered through Internet technologies. Unlike traditional, on-premises, non-cloud configurations, these services grow and shrink on demand. So, as an enterprise expands and contracts, the cloud services it employs do the same.
Other benefits of this approach include:
This shift from on-premises to cloud also converts CAPEX spending to OPEX spending.
Let's compare that to the traditional model for delivering SIP trunks, where your session and bandwidth needs must be anticipated up-front. This makes it much harder to dynamically grow or shrink your usage. From my experience, the traditional carrier requires 30 to 45 days to make a soft change, and you are often locked into physical configurations that require even more time to implement or alter.
Business continuity is also a more complicated affair. In fact, disaster recovery is typically limited to something akin to call forward. This makes a "Work From Home" fallback nearly impossible.
Moving to cloud-delivered SIP trunks, we see a very different model. We get pay-by-the drink pricing; dynamic scaling up and down; on-demand, user-driven configuration; an impressive service reach that extends from local to global; and business continuity well beyond that of simple call forward.
In essence, communications can be made available to those who need it as long as they have access to an Internet connection. This allows an enterprise to deliver traditional forms of recovery such as soft and mobile clients, as well as WebRTC interfaces that can be fired up when disaster strikes.
No Jitter recently conducted a survey on cloud communications, and by far, most respondents chose security as the key barrier to cloud adoption. A few years ago I might have guessed that quality or features would be the front runners, but those concerns appear to have fallen off as technology has solved the big issues.
Enterprises are smart to be concerned about securing their communications. I did a little research and found the following facts from a Communications Fraud Control Association survey that may be of interest:
The price of toll fraud extends beyond high telephone bills. Nasty people can also hack into your communications to steal business information. Breaking into the calls between executives might provide a hacker with insider trading information. Not only is your system being compromised, but you may be held legally liable for leaked information.
Clearly, you don't want to be the one responsible for insufficient security and preventable break-ins.
You may not know this, but not a single one of the traditional voice carriers (AT&T, Level3, Verizon, CenturyLink, etc.) support encryption on their SIP trunks. This means that SIP signaling will be sent in clear text, and media will be unencrypted G.711 or G.729. While they will argue that by using MPLS as their delivery mechanism encryption is not required, try telling that to your security team who insists that every byte of corporate information be obfuscated.
Twilio recognized that gap and offersTransport Layer Security (TLS – secure SIP signaling) and Secure Real-Time Protocol (SRTP -- secure media) on all their delivery mechanisms, including MPLS. Add authentication to the mix and you have a SIP trunk platform that will pass even the strictest security audit.
If you were an attendee of the recent webinar, you learned how Twilio is delivering communications in new and exciting ways. If you missed the live event, you have another chance to learn why you need to pay attention to this important change in SIP trunking: Attend the webinar now on-demand!
Andrew Prokop writes about all things unified communications on his popular blog, SIP Adventures.
Follow Andrew Prokop on Twitter and LinkedIn!
Andrew Prokop on LinkedIn