Webex’s Sanjay Khanna discusses the changing cloud collaboration, security and compliance landscape.
Every organization with cloud-based collaboration tools should be thinking about security, privacy, and compliance. Post-pandemic, digital transformation priorities have shifted to support a hybrid work environment, where there is less control over data and a rise in shadow IT.
Last year, ZK Research surveyed business leaders to understand how their spending priorities have changed during the pandemic. Security and privacy were at the top of the list, above everything else. I explored this topic further with Sanjay Khanna, Webex product management leader at Cisco, in my latest ZKast interview. Highlights of the interview, done in conjunction with eWEEK eSPEAKS, are below.
- Building a security framework around collaboration is challenging. Security leaders already worry about external attacks and breaches. Now there are added concerns about data being compromised from the inside because organizations don’t have control of their own data. Data that leaks out of the organization needs to be removed immediately. Organizations should have a governance model reflecting that.
- There are three key steps organizations can take to ensure their data is protected. First, evaluate organizational data governance to figure out which data is sensitive and which isn’t. Second, understand how regulatory compliance will be reflected in the platform/collaboration tools deployed within the organization. Third, make sure the platform/tool provider can be trusted to secure company data.
- According to Cisco’s 2022 Data Privacy Benchmark Study, 92 percent of organizations surveyed said data localization is important, and the same percentage said it’s needed to help safeguard personal data. Most want data closer to their organization, which would give them greater control. This should be taken into consideration when selecting a provider or technology that offers that kind of capability.
- Data localization involves many different regulations. Organizations have to make sure their collaboration provider has a local presence in their country. Webex, for instance, meets various requirements for data management across the globe. It provides data residency solutions in the EU, Australia, and Canada, among other countries.
- Data residency keeps user data in regional data centers where an organization is located. Webex recently opened two data centers in Canada, providing in-country data residency and redundancy for user generated content that will be processed and stored in Canada. This will likely become a requirement in most countries.
- In the U.S. public sector and global public sector, there are stricter requirements for storing and handling data. Webex provides comprehensive compliance and certification programs to help organizations meet those requirements. For example, Webex is compliant with the Federal Risk and Authorization Management Program (FedRAMP), so it has an advantage over other providers. Many smaller providers aren’t willing to go through this long and expensive process.
- As mentioned above, one way for an organization to create a secure collaboration environment is to have a trusted provider. The principles or the values that a provider has—such as transparency, accountability, and respect for customers’ data—must become part of an organization’s DNA. It’s not something employees can pick and choose on an individual level.
- Data protection, security, governance, and privacy all have to be baked into a collaboration platform rather than bolted on. This will make it easier for organizations to adopt emerging technologies like artificial intelligence (AI), which is becoming prominent in collaboration. Company principles is what will guide the handling of data generated by AI.
- A provider must demonstrate their commitment and rise up to the challenge of responding to an organization’s needs as they change. Organizations shouldn’t settle for providers that do the bare minimum. They should choose providers that go above and beyond. If providers aren’t willing to go the extra mile, the user experience will be inferior as a result.