Clouds are expensive to build, and since providers only realize revenue per user per month, there wasn’t an expectation for providers to make a quick profit. Basically, the playbook that Amazon and Salesforce followed said to reinvest every dollar into the offering and marketing in order to build a defensive moat.
That worked until it didn’t. We accept things, sometimes things we know to be broken, until we don’t. Just as we know businesses need to be profitable, we also know they need to be secure. For years, we have all been looking the other way when it comes to security and privacy.
Looking the other way has become painful. 2019 provided a constant reminder that security and privacy can’t be assumed. The frequency and magnitude of data breaches became numbing. Here are just a few examples:
Security has always been important, but the risk has increased. First, there’s more data. After years of digital transformation initiatives, almost everything we do at work involves and generates data. The rise of the cloud has made it harder to contain data from both storage and API perspectives. Something as simple as a doctor’s visit used to result with some notes stored in a locked file cabinet. Today, that information gets logged in software, uploaded, and disseminated in ways that can be hard to contain.
Enterprise communications is right in the thick of it. Workflows routinely involve email, messaging, calendaring, and meetings — all of which are likely digital. Corporate collaboration software likely knows who you interact with, what’s on your calendar, where you are, what you are working on, and all kinds of other non-public details. Encryption is rare, most calls, email, Fax, and SMS communications aren’t encrypted.
Encryption is most common with internal communications such as messaging/chat apps and some conferencing solutions. But encryption alone isn’t sufficient. With Cambridge Analytica, the issue was access to encrypted data, and the same issues are relevant for enterprises. If the provider has access, that means data privacy is susceptible to its management practices as well as risks such as admin curiosity, bribery, mistakes, and hackers. Providers often retain access for enhanced services such as search and analytics.
The situation is creating a dilemma: We value intelligent and contextual services, but trust in the security and privacy of our providers is declining. Do you know if your provider uses subcontractors? Consider that a Facebook contractor was recently charged with taking payments to circumvent Facebook’s policies
. Would your provider notify you if it was ordered to turn over your data? Consider Evernote complying with a court order
to turn over user data. Warrants and subpoenas can include a gag order
that prevents a provider from notifying its customers.
It’s clear that security plans are getting promoted from the bottom left drawer. Customers are demanding more information and more control over the security and privacy of their data. Enterprise communications are right in the thick of it. That’s why the theme for this year’s Innovation Showcase at Enterprise Connect 2020
is security. There is no cap or restriction on company size.
There’s been tremendous innovation in security technologies and practices such as biometrics, AI, zero trust, and blockchain. We are seeking solutions that specifically improve the security of enterprise communications, which can include voice, video, messaging, contact centers, email, wireless, and/or other forms of communications and collaboration. It can apply to real-time interactions as well as content sharing, operations and management, payment processing, customer information management, mobility, and authentication to name a few. The vendors need to be new to Enterprise Connect, but the solutions can apply to established ecosystems.
With regards to security, 2019 was a terrible year. For 2020 to be better, we need new ideas that find their way to enterprise IT buyers.
Dave Michels is a Contributing Editor and Analyst at TalkingPointz.
The Innovation Showcase: Security & Privacy session is part of the Management & Security track at Enterprise Connect 2020. Check out the programming for that track here and the full conference program here, and register today with the code NOJITTER to save $200 off the current rate.