Security is widely cited as one of the biggest worries in enterprise use of cloud services, and at the same time it's becoming a major concern for communications shops that used to have less to worry about in this regard. (Gary Audin recently highlighted the major VOIP/UC security issues that continue to grow in prominence as the technology rolls out.)
I recently chatted with Jeff Graham, CEO of LayerX Technologies, a company that's come up with an interesting solution to the challenge of hosted UC security. Jeff began by pointing out that, just as basic VOIP injected new security issues into the communications environment, by bringing in IP infrastructure threats like denial of service attacks, the challenges are only going to get deeper over time: The whole philosophy of Communications-Enabled Business Processes (CEBP) involves integrating communications with business applications, thus raising the concern that breaching the security of the communications system could threaten another whole level of the enterprise system.
LayerX approaches the problem of communications security with a focus on managed and hosted service relationships, and particularly how you secure the monitoring and analytics in these scenarios.
If your enterprise contracts with a provider for this type of service, they (and you) might see it as a differentiator for them to offer you proactive monitoring. The problem is that for them to do this proactive monitoring, they're most likely going to need to transmit your network data to their monitoring systems in their own datacenter--potentially opening up that data to hostile interception. That in itself can shut down the conversation between a managed service provider and an enterprise in a highly-regulated vertical like health care or financial.
"If you reach into the network and say: I’ll look at performance of an individual endpoint, look at how it’s performing, who’s talking to who, paths it’s taking--now it needs to be secured," Jeff Graham explained. "Not only has to be secured--you need rules about who can actually see it."
The LayerX solution is to put an appliance on the enterprise site that collects all the monitoring data and only sends metadata upstream to the provider, encyrpting it and running it on a secure VPN. "We don't take any data out of the customer's environment," Jeff explained.
LayerX's secret sauce is in the ability to transmit secure metadata that can be reconstituted at the service provider's datacenter into actionable information, Graham said. The company's platform embeds a firewall and router that runs at Layer 5 on a hardened Linux platform for security and transmission without protocol changes.
As communications continues to seep more and more into enterprise systems, the focus on security will only grow. Jeff Graham notes that we're already looking at the next step beyond CEBP: "Think about the impact of WebRTC," he said. "All Web Services are targets of hacks."
Zeus Kerravala's white paper on secure monitoring and analytics here.
Follow Eric Krapf and No Jitter on Twitter and Google+!
@nojitter@EricHKrapf
Eric Krapf on Google+
