Analytics
8/21/2017
02:00 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Cisco Spark Announces Breakthroughs in Security, Compliance, and Analytics

SAN FRANCISCO, August 21, 2017 – Cisco understands the importance of security, compliance, and analytics. We infuse this thinking into everything we do. So it’s no surprise that our mission in collaboration has always been to give you incredible tools to bring ideas to life that provide world-class security and analytics.

Today, Cisco Spark™ makes four major breakthroughs to keep things running smoothly and also keep your most important information and ideas safe:

1. Cisco Spark is the first messaging product to deliver end-to-end message encryption plus the compliance features enterprises need.
Large companies need tools such as e-discovery for legal reasons and data loss prevention to keep sensitive information safe. They also need end-to-end message encryption to keep your team’s “next big thing” idea under wraps. Today, Cisco Spark becomes the first-ever enterprise messaging product that actually does both.

2. Cisco Spark adds mind-blowing analytics that make insights a snap.

With just a few clicks, you can see if any users are experiencing reduced call quality, and see if the problem is affecting others nearby. It is so simple to manipulate the data that it feels like the entire cloud database is stored in the administrator’s browser. We call this “fluid analytics” and believe it sets a new bar. Now, fluid analytics is available for both Cisco Spark and Cisco® WebEx®.

3. Cisco Spark introduces mobile devices security on non-managed devices.

For IT and information security departments, bring-your-own-device (BYOD) programs for PCs and mobile phones have made security a challenge. Users typically have to opt in to device or application management, and this can be clunky, stymie adoption, or add costs. To simplify things, we have baked key device and application management features right into Cisco Spark. New capabilities include graceful PIN lock (which enforces device-level PIN lock on any device without sacrificing user adoption by turning away users who haven’t set one), Web Smart Timeouts (which lets the Cisco Spark web app know when it is running outside of the company network and automatically logs out the user), and Enterprise Certificate Pinning (which protects the user from malicious hotspot providers and access networks without requiring the user to actually enable their company VPN client). This is the first-time certificate pinning has been used in this way.

4. Cisco Spark introduces data security equivalent to on-premises storage.

Finally, in another industry first that’s the culmination of four years of research and development, we are now giving customers a way to protect themselves from attacks against the Cisco Spark cloud itself. Customers are now enabled to run a key server on the premises to encrypt and decrypt all content sent to Cisco Spark with a level of data security equivalent to that provided by a Cisco managed key server. With this new capability, we deliver the industry's first end-to-end cloud encryption solution utilizing on-premises key stores.

These four breakthroughs are available through the new the Cisco Spark Control Hub, the new Pro Pack, and third-party integrations.

Cisco Spark Control Hub

The Cisco Spark Control Hub is an advanced tool included with Cisco Spark allowing administrators to provision, administer, and manage their entire Cisco Spark service. Cisco Spark Control Hub also provides the ability to manage Cisco Spark Hybrid Services and view analytics for both Cisco Spark and Cisco WebEx.

Pro Pack for Cisco Spark Control Hub
Pro Pack for Cisco Spark Control Hub is a premium offer for customers that want even greater control and more advanced capabilities. Pro Pack provides greater flexibility for security, compliance, and analytics and allows customers to connect and manage integrations from a number of their existing security, compliance, and analytics software vendors. Access to some features can be limited to specific roles such as information security professionals or compliance officers.

Third-party integrations for the Pro Pack are available in the following areas:

Compliance and archiving

  • Actiance can capture and archive all content from Cisco Spark, including messages and files to comply with retention requirements and enable e-discovery and supervision. Actiance also provides integration with other archival systems.
  • Global Relay, a provider of enterprise information archiving, compliance, surveillance, analytics, and e-discovery, has launched Archive for Cisco Spark. With the Global Relay/Cisco Spark integration, businesses can easily and efficiently capture, preserve, review, and enforce internal policies on their Cisco Spark messages.

Data Loss Prevention

  • Cisco Cloudlock® enables organizations to securely adopt Cisco Spark by providing full visibility and control over sensitive data stored in Cisco Spark. Cloudlock identifies critical information such as PII, PHI, and PCI as well as other proprietary information to adhere to regulatory compliance and internal data protection mandates. When sensitive information is detected in violation of customer policies, Cloudlock triggers incidents and automatically takes risk-appropriate actions such as notifying end users and admins of violations and deleting violating content (file or message) from a Cisco Spark space.
  • Skyhigh for Cisco Spark, part of the Skyhigh Cloud Access Security Broker (CASB) platform, integrates with Cisco Spark via API to deliver an additional layer of security for Cisco Spark customers. This integration, available with today’s announcement, enables Cisco Spark customers to gain granular visibility into sensitive data uploaded to Cisco Spark, enforce data loss prevention policies, detect and protect against insider threats and compromised accounts, and capture a detailed audit trail of all user and administrator activity for forensic investigations.
  • Symantec CloudSOC cloud access security broker (CASB) will integrate with Cisco Spark to provide visibility, data governance, and threat protection. CloudSOC uses machine learning to identify attacks, automatically classify data, and mitigate risk through alerts, access controls, quarantines, and more to help organizations prevent data loss and remain compliant with data privacy regulations. CloudSOC, part of Symantec’s Integrated Cyber Defense Platform, offers unique integrations with Symantec DLP, user authentication, encryption, endpoint protection, advanced threat protection, and secure web gateways as well as industry integrations with directory services, SSO solutions, SIEM platforms, firewalls, proxies, and more for a tight layer of cloud security that minimizes administrative workload.

Identity Management

  • Microsoft Azure Active Directory provides organizations with enterprise-grade identity management for cloud applications. Azure AD integration gives users a streamlined sign-in experience and helps applications conform to IT policy. Cisco Spark integration with Azure enables Single Sign On so end users can seamlessly authenticate into Cisco Spark to collaborate and share information.
  • Okta’s integration brings its identity management platform to Cisco Spark. With Okta, end users can seamlessly authenticate into Cisco Spark to collaborate and share information. For CIOs and IT leaders, Okta provides a simplified and secure way to provision and deprovision Spark users across the enterprises using industry standards. IT administrators can also use such Okta features as Universal Directory (UD) and mobile device management (MDM) to manage users as well as multifactor authentication (MFA) to provide an additional layer of security to the authentication process.
  • Ping Identity has created an integration between both Ping Identity’s PingOne and PingFederate and Cisco’s Spark enterprise collaboration platform.  To secure against the attack vector of weak and stolen passwords, this integration provides an enterprise authentication experience. Additionally, Ping Identity’s cloud-delivered, multi-factor authentication (MFA) increases security even further without sacrificing user experience with an easy, one-touch swipe on a mobile phone. Finally, for IT executives, the Ping Identity/Cisco Spark integration provides a simple and highly secure way to deploy and manage Cisco Spark across the enterprise.

eDiscovery

eDiscovery is built into Cisco Spark Control Hub; Pro Pack allows search and extraction of content older than 90 days. The output from the search can be downloaded in JSON format and can then be exported into the eDiscovery tool of their choice for legal investigation.

Enhanced reports

Cisco Spark Control Hub administrators can now benefit from a new data architecture that enables deep business insight through a new highly visual interface and with rapid data exploration and optimization. With the Pro Pack for Cisco Spark Control Hub, the analytics available are enhanced to 365-day history, and additional reports are available for user adoption trends, quality of service, and license usage.

Customers

“Cisco Spark Hybrid Data Security gives us the confidence and comfort that our data is secure everywhere it exists on the Spark platform. The deployment and manageability of the Hybrid Data Security nodes with the Cisco Spark Control Hub is very intuitive," said Mike Pearce, senior infrastructure architect, Blizzard Entertainment.

“Cisco Spark enables our global teams to work together in a collaborative way regardless of location or time zone. We leverage the persistent meeting spaces to share information, ideas, and solutions. The knowledge bases across our organization have evolved and improved with the adoption and use of Cisco Spark spaces. We leverage chat, VoIP, video, and meetings for worldwide collaboration and partnership,” said Sean Skalla, senior director of global IT, Service Source International, Inc. “We are excited to take our Cisco Spark experience to the next level with Pro Pack. This will let our compliance and IT security teams sleep better at night. We will be able to configure rules for compliance with exceptions being called out and automated actions taken by our compliance tool. The new Pro Pack analytics capabilities will give us a much better view of our Cisco Spark and Cisco WebEx services usage in just a few clicks. We will have the ability to drill down and discover adoption analysis, issue resolution, and investment optimization quickly and easily,” Skalla concluded.

Pricing and availability

The Cisco Spark Control Hub and Pro Pack are available starting today.

Additional resources

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Cybersecurity's 'Broken' Hiring Process
Kelly Jackson Higgins, Executive Editor at Dark Reading,  10/11/2017
Ransomware Grabs Headlines but BEC May Be a Bigger Threat
Marc Wilczek, Digital Strategist & CIO Advisor,  10/12/2017
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Search Cybersecuruty and you will get unicorn.
Current Issue
Security Vulnerabilities: The Next Wave
Just when you thought it was safe, researchers have unveiled a new round of IT security flaws. Is your enterprise ready?
Flash Poll
[Strategic Security Report] Assessing Cybersecurity Risk
[Strategic Security Report] Assessing Cybersecurity Risk
As cyber attackers become more sophisticated and enterprise defenses become more complex, many enterprises are faced with a complicated question: what is the risk of an IT security breach? This report delivers insight on how today's enterprises evaluate the risks they face. This report also offers a look at security professionals' concerns about a wide variety of threats, including cloud security, mobile security, and the Internet of Things.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.