The Coronavirus Pandemic created many unique security challenges for those in all industries. Especially; for those trying to provide customer service. There were a lot of considerations nearly two years ago at the start of it all. How to provide the same level of service with a workforce who now worked (largely) from home?
It was also not to be a trivial feat, but one many in the UCC industry would set out to tackle head-on.
Dr. Heather Hinton is RingCentral's Chief Information Security Officer - and she recently sat down with me via the RingCentral MVP app; to chat about security and readiness for another potential mass exodus to remote work. She told me, RingCentral was in a good position at the beginning of the Pandemic.
They have a team in China, and early on, the company's chief information officer made what Hinton calls a "brilliant call in February."
"We were prepared since he went and acquired laptops for our global team, for those who did not have them, meaning we had a fleet of managed laptops for our global team."
Not every firm can afford to make such a move - but I did gain further insight into RingCentral's efforts in security and the success it created for customers through its multi-layer approach to the matter. This can ensure, as you will learn later - nearly any device can be used to work in a RingCentral environment.
Meet RingCentral's Head of Security, Dr. Hinton
Dr. Hinton has more than 30 years of experience in Information Technology (IT) and cyber security. She's led product design, architecture, development, and sales efforts at Fortune 500 companies. Hinton was even instrumental in bringing the Privacy by Design thought process into IBM’s Security and Privacy by Design sector.
Before joining RingCentral, Hinton held leadership roles at IBM, most recently serving as vice president and; as an IBM distinguished engineer. She was CISO for the company’s Cloud and Cognitive Software business unit as well.
And as an IBM Distinguished Engineer and chief technology officer (CTO) for the company’s Security and Compliance Specialty Service Area (SSA) - Hinton led the adoption of security standards for internal applications and external clients.
In another life, Hinton was an academic and Assistant Professor of Electrical and Computer Engineering at Ryerson Polytechnic University in Toronto along with being an Adjunct Assistant Professor at the University of Toronto. Even more impressive, Hinton holds a Ph.D. in Computer Security from the University of Toronto.
She is also an IBM Master Inventor, holding over 100 patents spanning federated identity management, cloud security, and policy management. In 2019, Hinton was inducted into the Women in Technology Hall of Fame and today - she is responsible for RingCentral’s security posture and innovation across the UC firm's UCaaS/CCaaS portfolio.
The Pandemic, Readiness, & Customer CX
Most employees at companies found themselves in a situation where they were working from a desktop they could not take home. Hinton notes; that these companies faced a different set of hurdles regarding the tradeoffs they made to keep business running - all the while mitigating cyber security risks.
"From a RingCentral point of view, and as a service provider, we found a lot of our customers leveraged our app or web browser to do things like video chat, share files, conduct meetings, etc."
In this respect, she continued: it did not matter what device employees used, making for a smooth transition. She further noted that:
"This is not necessarily a security statement, but an interesting one to point out when you look at RingCentral customer trends, especially when they try to lock down a BYOD strategy (bring your own device) or deploy zero-trust architecture to follow."
Hinton is a big fan of zero-trust security, but she said that it is rapidly becoming an overused term. It does, though, hold a lot of weight when it comes to application. The idea is simple yet effective if deployed leveraging best practices. 'Metrigy Research' suggests that zero trust requires a scalable standards-based security model. Not everyone, however, has a proactive approach to security.
Take a look at the figure below for more on that
Zero-trust security means that one cannot access a company network unless the device is deemed suitable through a series of protocols that happen behind the scenes. Typically the end-user is unaware of the process, but it can work to ensure the device is safe to handle sensitive and often priceless company data.
"Zero-trust, in true form, is a critical strategy for our customers, and one that we are doing ourselves, so we recommend it to our clients."
Let's look at a quick example. If an organization is in the process of acquisition with a lot of sensitive information floating around and concerns get raised, Hinton told me, end-to-end encryption is and should always be on the table. Not only is it essential for those in highly-regulated industries like banking and finance, but it can play a vital role in assuring calls stay between intended parties.
RingCentral recently introduced end-to-end encryption for its video offering. It can guarantee that the only people invited to a call can listen and join. Each message - encrypted at the meeting host laptop and decrypted at the other endpoint(s). The only caveat - at least one user has to have an account.
"This ensures we do not have a bunch of folks using RC technology in free mode to do nefarious things."
Ring Central's Working Smarter, Not Harder
RingCentral has a rich background in the telecoms space, and Hinton acknowledged that, noting RingCentral's security practices stem from that very notion.
"From a service abuse point of view, you get fined if you are not doing things properly."
The goal of RingCentral's security efforts, while not explicitly stated, appears to be - to increase operational efficiency and workplace productivity.
See how one RingCentral customer leverages its MVP platform
Hinton let me in on a little secret, telling me that her previous employer had tons of applications for chat, email, and even meeting options. At RingCentral, she said, she gained about a half-hour of daily productivity. Why? Well, IT admins at RingCentral only have to worry about one platform that does it all - including voice, video, chat, file sharing, etc.
And it has multiple layers of security embedded into its DNA. You see, developers don't have to spend a lot of time figuring out who to give which access to and to which platforms. This is not just taxing for IT, but it can create unnecessary work. It could also result in higher operational costs and time not so well spent for developers.
"We try to create an environment for our customers and their admins to easily learn and manage the entire RC ecosystem so they can work smarter, not harder," Hinton concludes.