Avaya Offers End-to-End Network Security Solutions for BYOD

Cybersecurity threats within organizations are on the rise, driven by increased employee mobility and bring your own device policies.

While enterprises need to look at holistic solutions to solve these security challenges (i.e., from a data as well as voice viewpoint), migrating from time-division multiplexing to SIP trunking and cloud-based communications solutions pose particular security threats to businesses as investments in SIP and Unified Communications as a Service grow exponentially.

In addition, businesses are discovering how challenging it is to develop an effective BYOD strategy. Many customers I’ve talked to don’t want to manage the overhead of virtual private network solutions and instead are moving toward a VPN-less offering—a decision that not only reduces overhead but also lessens the complexities involved in supporting BYOD policies.

Avaya has developed two cutting-edge offerings that deliver an end-to-end BYOD strategy: Defense in Depth (also known as the Castle Approach) and Defense in Breadth solutions.

Defense in Depth is a multilayered security approach that covers the voice network end to end, freeing remote workers while securing the organization’s voice and data infrastructure.

The solution begins with the Avaya Session Border Controller, which provides organizations with the ability to extend their unified communications collaboration environment outside the enterprise network securely and still deliver extended capabilities (i.e., voice, video, instant messaging and collaboration) to remote workers using a VPN-less solution with encryption for both signaling and media.

The Defense in Depth solution also allows organizations to secure their core UC infrastructure with the Avaya intrusion detection system, intrusion prevention system and SIP firewalling capabilities embedded with Avaya Session Border Controller. Furthermore, Avaya secure SIP trunking using ASBC prevents toll fraud and denial of service/distributed denial of service attacks.

With devices connecting to already-secured voice networks, Avaya applies a number of security solutions to ensure that they are authorized for the VPN-less network.

For example, the Avaya Identity Engines Portfolio delivers a single sign-on capability through Active Directory and enables fingerprint authentication for BYOD equipment that can be tied to access control, policy management and posture.

The Avaya IDE solution integrates with a Citrix (XenMobile) and other mobile device management solutions that check whether the BYOD equipment is “jailbroken” (i.e., has been tampered with to circumvent policies, procedures or protocols) and has the correct software version. With IDE, Avaya is extending the flexibility of BYOD to connect not only on premise but also from remote locations to allow employees to work from anywhere any place at any time.

The integration between Avaya SBC and IDE will be in our upcoming ASBC release 7.0 due to be out in August 2015.

The Avaya Defense in Breadth solution using Avaya Fabric Connect and Fabric Attach solution, combined with the Defense in Depth solution, provides organizations with end-to-end Avaya layered security for BYOD.

Avaya Defense in Depth and Defense in Breadth solutions focus on meeting the challenges of tomorrow, including the Internet of Things, which can allow smart devices to connect to the Internet without human intervention.

With an increasing demand for smart cities and the relevance of IOT, security does not have to be an overwhelming challenge if an effective network infrastructure is in place, consisting not only of a smart foundation that enables and accelerates IOT, but does so in the most secure manner.

Today’s legacy networks, built on a server/client topology, expose an organization’s network surface area, leaving it open to hackers who can use IP hopping to gain full exposure to the network. Fabric technology from Avaya, using an Ethernet-based topology, significantly reduces the network’s surface exposure, making it completely invisible. Avaya fabric has no IP and is based on Institute of Electrical and Electronics Engineers/Internet Engineering Task Force standards for Shortest-Path Bridging.

An enterprise end-to-end approach to network security has become a necessity, rather than a luxury, for organizations. Avaya not only delivers the best mobile and cloud-enabled communications solutions in the industry, but also offers strategies to help organizations implement them in the most secure manner.

To learn more about Avaya Defense in Depth and Defense in Breadth solutions, please contact your local account team for more information.

Related Articles:

Avaya Named a Leader in Gartner’s Magic Quadrant for Contact Center Infrastructure

Avaya is honored to be recognized as a leader in Gartner’s Magic Quadrant for Contact Center Infrastructure worldwide. Avaya has been the only vendor having the distinction of being named a Leader for 16 consecutive years. Each year the research organization creates a market view of key players for business users, reflecting business goals, needs, and priorities.

Contact centers have gone beyond phone calls with customers now expecting to communicate on their terms via text, IM, email, chat or video. For the past 16 years Avaya has created seamless and highly personalized experiences, building brand loyalty for companies all around the world.

According to Deloitte, 85% of organizations view customer experience provided through contact centers as a competitive differentiator. Todays companies must remain relevant by creating a single interface to connect customers with the correct resource each time, supporting their preferences. Supervisors and managers need real-time performance information to adapt immediately to situations to ensure optimized customer experience.

Avaya has focused its efforts on creating next-generation contact center solutions, creating communication strategies enabling a continuous transition between channels during customer interactions.

Please visit Gartner’s page to read the full report and see how Avaya’s Contact Center infrastructure continues to deliver best-of-breed Contact Center applications. We look forward to continuing innovation and leading business communications for the digital age.

 

Seeing into the Office of the Future

Dubai is heavily focused on delivering on its Smart City goals, with the goal of being among the smartest—and happiest—cities in the world. The drive toward smart cities is part of a wider shift, with countries around the globe seeing a migration from rural areas to urban. With more than half the world’s population now living in cities, organizations in the Middle East are facing increasingly difficult decisions about how they allocate resources and manage their workforce.

For a city like Dubai, that can be challenging. Finding the right real-estate location for office space, managing energy usage and providing physical workspaces for employees working different shifts in a modern, 24X7 city creates its fair share of headaches. Enterprises also have to cope with an increasing Bring-Your-Own-Device (BYOD) culture, with smartphone and device penetration especially high in the United Arab Emirates and other Gulf countries.

We have reached an inflection point where the number of devices connected and generating data is accelerating at an exponential level. Our work environments are beginning to blur, as workspaces are no longer physical but virtual. Organizations need to deliver a consistent work experience whether in an office or on the road, or at home. The key driver is to intuitively connect not only communications devices, but interact with the ambient technologies that surround us, like lighting, BMS and signage.

At Avaya, we believe that the Smart Enterprise is one of the key building blocks for smart cities—and one of the foundations of true Smart Enterprise development will be what we term the Office of the Future. This is about more than just technology; the Office of the Future involves automating work processes within the enterprise to deliver a more intuitive employee experience. As with any “smart” solution, the Office of the Future is only smart if it resolves the challenges it aims to address.

So what do we mean by Office of the Future? Imagine walking into a new office you’ve never visited before and your work station is ready before you sit down, configured to your preferences, right down to the air conditioning settings and digital signage displayed with your identity. When a client arrives to meet you at the office, they can be sent to a meeting room automatically, and you can talk to them on their mobile as you walk to greet them.

With Avaya solutions, the act of an employee booking a workspace would kick start a workflow that immediately sets up that space with all communication devices enabled and connected securely, while interacting with the building management system to ensure the environment was set to the employee’s requirements, everything from lighting to temperature to digital signage. The employee could be identified by their phone or a card ID. When they leave, the workspace can be reset for the next employee that reserves it.

Such Smart workspaces will help enterprises manage their resources more effectively, better leverage their real estate investments, and improve employee well-being and productivity. Here in Dubai, the Office of the Future starts now.

89% of Employees Apparently Don’t Care About Mobile Security

Mobile Security Avaya

IT security has a big job: keep corporate data safe in the face of motivated hackers and unaware employees. Today that job is harder than ever — employees are bringing their own devices and applications into the office every morning, and walking out the door with corporate data every night.

The intention behind Bring Your Own Device and Bring Your Own Apps is good: Employees want to be productive away from the office. No one wants to carry around two smartphones, or truck around two laptops while they’re on the road. Cloud-based work apps excel at document version control, are accessible everywhere, and help teams cut down on email as a collaboration tool.

The reality of BYOD and BYOA is more troublesome: If your company is one of the estimated 26 percent with no official BYOD policy in place, employees will load work email and work documents on their personal mobile devices anyway. If a company fails to give their employees the cloud-based apps they want, they’ll simply use the app’s consumer-grade version. Thousands of unsecured laptops and smartphones get lost or stolen every week. It’s estimated that 43 percent of U.S. companies have experienced a data breach in the last year alone.

Troubling numbers

Given that backdrop, ask yourself — how many mobile devices are out there with your company’s data on them? The answer might surprise you.

In a recent survey of more than 12,000 people, security software maker Kaspersky Lab found roughly half used personal smartphones, tablets or laptops for work, 36 percent kept work files on their personal devices, 34 percent accessed work-related email from personal devices, and somewhere between 11 to 18 percent carried around corporate passwords.

Asked about it, just 11 percent said they were seriously concerned about keeping work-related information secure on their personal mobile devices.

If your company doesn’t have formal policies in place around personal mobile devices, chances are, your corporate data is already heading home with employees each night. BYOD and BYOA are just the start— Bring Your Own Everything is on the horizon.

Embracing the present

The first step is to either build a BYOD and BYOA policy, or review your existing policies to keep them up-to-date.

Employees are already using their own devices and apps inside the workplace — in an April 2015 report, Netskope found the average organization is now using 730 cloud-based applications. If that number seems high, it may be time to audit the software your teams are using, and determine if sensitive corporate information is at risk of being lost in the cloud.

Next, give employees the secure tools they need to use the devices and apps they choose. Different teams may choose different engagement software based on their individual needs. Mandating the entire company standardize on a single, monolithic software platform or official device is unrealistic, and may encourage “shadow IT,” where teams ignore official channels and adopt the tools that work for them.

Information silos are dangerous. At best, silos hinder company engagement by preventing teams from getting the information they need to make informed decisions easily. At worst, silos force employees to kluge together a solution — for example, emailing data across the company in spreadsheets.

Breaking information silos apart is possible with software like the Avaya Engagement Development Platform, which allows companies to write custom code that either communication-enables their existing apps, or builds new apps to share data between silos.

Lastly, smart companies adopt multiple layers of security, knowing that data breaches are just as likely to come from within the company than without.  Firewalls are not enough — network access must be segmented and role-based.

In a widely-publicized data breach last year, a major U.S. retailer admitted it had lost millions of consumer credit card numbers after it gave its HVAC vendor access to wide swaths of the company’s corporate network. Hackers breached the vendor, and used their network credentials to raid the retailer’s credit card database, which was sitting in a section of the network that an HVAC company should not have been able to access.

Virtualized, software-defined networking makes role-based network access easy, reduces the size of the network’s footprint of endpoints and obscures portions of the network from hackers. Individual devices, applications and endpoints are provisioned dynamically, with network access extending and retracting as needed.

BYOD and BYOA represent the new reality for enterprises. Take proactive steps to review your company’s BYOD and BYOA policies, give employees the tools to allow this trend, share information securely between applications and gain more control over the corporate network.

Want more? Download the new Avaya white paper, “The New Rules of Engagement.”