How Zero Trust Security Fuels New Business Growth

How Zero Trust Security Fuels New Business Growth

Bottom Line: Zero Trust Security (ZTS) strategies enabled by Next-Gen Access (NGA) are indispensable for assuring uninterrupted digital business growth, and are proving to be a scalable security framework for streamlining onboarding and systems access for sales channels, partners, patients, and customers of fast-growing businesses. The
5 Simple Tips to Help Avoid Ransomware

5 Simple Tips to Help Avoid Ransomware

5 Tips to Avoid Ransomware Ransomware is a particularly pernicious form of malware: unsatiated by simply using your system as a spam farm or creating a nuisance and otherwise wasting your time, it is software with a direct profit motive—profit at your expense, that is.

CONTRIBUTORS

Why Accept the Hype? Time to Transform How We Approach Emerging Technology

Why Accept the Hype? Time to Transform How We Approach Emerging Technology

Time to Transform How We Approach Emerging Technology It’s like a rite of passage – a new technology pops onto ...
As Enterprises Execute Their Digital Strategies, New Multi-cloud Landscape Emerge

As Enterprises Execute Their Digital Strategies, New Multi-cloud Landscape Emerge

The Multi-cloud Landscape The digital universe is expanding rapidly, and cloud computing is building the foundation for almost infinite use ...
The Effects Of Cloud On Data Center Design & Consolidation

The Effects Of Cloud On Data Center Design & Consolidation

Data Center Design & Consolidation In the CloudTweaks article “5 Ways the Cloud is Redefining Modern-Day Data Centers”, I discussed ...
Data Science And Machine Learning Jobs Most In-Demand on LinkedIn

Data Science And Machine Learning Jobs Most In-Demand on LinkedIn

Data Science And Machine Learning Jobs Machine Learning Engineers, Data Scientists, and Big Data Engineers rank among the top emerging jobs ...
Open APIs Alone Won’t Change Banking

Open APIs Alone Won’t Change Banking

Open Banking API's Most people think of banks as one monolithic entity, but they are actually made up of hundreds ...
Cloud Communications Security: Whose Business Is It, Anyway?

Cloud Communications Security: Whose Business Is It, Anyway?

Cloud Communications Security Don’t count on cloud providers to provide all your UCaaS security It’s official: Unified Communications-as-a-Service (UCaaS) has ...
Digital Twin And The End Of The Dreaded Product Recall

Digital Twin And The End Of The Dreaded Product Recall

The Digital Twin  How smart factories and connected assets in the emerging Industrial IoT era along with the automation of ...
The Lighter Of The Cloud - Virtual Lunch Break
Kevin Riley

When it Comes to the Communications Cloud, You Cannot Manage What You Cannot Measure 

The Communications Cloud

As more and more real-time communications – whether voice, messaging, video or collaboration – move to distributed software and cloud infrastructure, the management and security of real-time services becomes increasingly complex.

Enterprises are moving to a zero-trust security posture, which means that every application must be secured. Real-time communications can no longer be ignored. This is especially true for large enterprise environments in regulated industries where human conversations fall under the compliance umbrella (financial transactions, credit card numbers being provided to contact center agents, healthcare records that include recorded and transcribed evaluations, and so forth). An increasing amount of pressure is being put on IT teams to ensure all data that traverses networks, applications and clouds is monitored and secured.

The fragmentation and complexity of unified communications cannot be an excuse to drive a security posture that is on par with other IP applications running in the enterprise. Now that technology is in place to monitor, for example, email, Dropbox, Slack, Skype and other third-party collaboration networks, it’s not okay to shrug off confidential information leaking out or accidentally being shared by employees or contractors. For real-time communications, we have moved beyond denial of service as the primary threat vector and into the domains of theft of service and use of communications channels for extraction of digital assets.

Analytics and machine learning will play a critical role in enabling enterprises to keep up with this ever-increasing surface area of attacks and increasing level of threat sophistication. Harvesting data from the entire real-time communications infrastructure backed by behavioral analytics and machine learning allows for very sophisticated threat detection and mitigation. In a way, networked analytics and policy “homogenizes” your security borders into a unified perimeter compared to independent edge products acting autonomously.

Another advantage of using data and analytics services to monitor and manage real-time communications (RTC) is the ability to control quality even when there are multiple disparate Voice over Internet Protocol (VoIP) systems interworked together with many different protocols, call routing and load balancing approaches.

Whether a user is making an internal call from Skype for Business to an AVAYA hard phone or an outbound call via SIP trunk, understanding, controlling and automating VoIP networks often requires the use of many vendor-specific tools, which may serve a purpose in their own domains, but don’t always “play well with others.”

The challenge of managing RTC sessions has been exponentially amplified with the move to dynamic cloud architectures and the rise of API-based communications services like Twilio, web services like WebRTC and CRM integrations.

What’s a responsible IT executive to do?

A unified, vendor-agnostic monitoring and security strategy that spans multiple protocols and provides interoperability and interworking is more important today than ever. Without global visibility, operationalizing complex VoIP and Over-the-Top (Internet-based) environments is becoming almost impossible without new tools that provide end-to-end visibility and control.

We Cannot Manage What We Cannot Measure

Events such as SIP registration floods, VoIP pivot attacks and failed load balancing cause disruption of service and keep IT managers awake at night. When an attack or network failure occurs on a voice system it can take days – if not weeks – to track down the issue unless software is in place that monitors all aspects of RTC, particularly as more and more functionality moves to the cloud.

While security may feel like the scariest issue, day-to-day operations can also be improved when enterprises and service providers have full visibility into basics like voice quality, IP network performance and service utilization. When one combines an over-arching analytics platform with the existing branch-office infrastructure, enterprise service network administrators can efficiently determine if a call-quality issue is unique to a type of handset, branch location or gateway.

Global visibility into cloud services for RTC, if done well, goes even further. Given the increasing reliance on services like Microsoft Skype for Business (and now Teams) it is also necessary to monitor database-processing times on backend servers to ensure call processing is going smoothly.

This can be done by monitoring the time between the last packet of a request and the first packet of the corresponding response, associated with the payload for database transactions across backend servers. This generates database latency alerts with signaling metrics useful in more advanced “grooming” of RTC networks and services. Incorporating this type of capability into a big data analytics platform enables an enterprise to monitor service quality and troubleshoot when needed from the client to the cloud from a single platform which increases efficiency and reduces down time.

Aside from service assurance and troubleshooting, enterprises can respectfully mine their user data to deliver a more personalized user experience. Leveraging big data analytics and machine learning to track communications from end-to end in the network – and thus enable a detailed view of threats, quality and user behavior – is already being done to answer questions such as what are people and systems doing? How often are they doing these things? Where are the predictable patterns? How do we immediately identify an “out-of-trend” moment, which could lead to trouble?

Harvesting data around RTC creates meaningful insights that help enterprises measure so they can manage. Using predictive and behavioral analytics helps managers literally see into the future and avoid trouble before it happens.

Predicting intent throughout the network and all the way to end users – solid gold. Predicting sentiment, for example, as part of a contact center application? Priceless. Automating network operations security and applications in multiple clouds, and across clouds? This is the future.

By Kevin Riley

Kevin Riley

As Chief Technology Officer and EVP of Advanced Research and Development, Kevin Riley drives Ribbon Communication’s innovation and development activities, with a particular focus on enabling SDN and NFV Cloud-based architectures of the future.

Prior to his current role he served as CTO and SVP of Engineering and Operations for Sonus. Kevin has more than 20 years of software development and engineering experience and previously was instrumental in Sonus’ efforts to drive an industry leading technology roadmap, including the award winning Sonus SBC SWe (software edition) and SBC 7000, the two most successful new product introduction in Sonus’ history. Before this role at Sonus, he served as Vice President of Platform Engineering and Director of Core Software.

Prior to Sonus, he held Software Development Manager positions at Verivue, Sentito Network, Cisco and Telebit.

Cloud Community Supporters

(ISC)²
Cisco
SAP
CA Technologies
Dropbox

Cloud community support comes from (paid) sponsorship or (no cost) collaborative network partnership initiatives.