Cisco has led the way in collaboration tools with over 25 years of secure and reliable service. Cisco understands that knowledge workers need secure collaboration tools, especially when they work from home.
A culture of security is embedded in Cisco’s DNA. The Cisco Secure Development Lifecycle, (CSDL), ensures security is built into Webex from the beginning and throughout all stages of the product lifecycle. With their heavy investment and focus on security, Cisco goes a step further by using an independent security and trust organization, (STO), with governance over Webex, that reviews security and performs proactive penetration testing. True to the Cisco culture focused on security, Webex has built an easy-to-use, integrated user experience without compromising security. Users don’t need to worry about configuration options; they can collaborate freely and easily knowing Webex selects the most secure options by default. Webex never compromises on security.
Cisco highlights these Webex security features:
- Dedicated room meeting IDs are not called out externally, to prevent unwanted intruders and potential toll fraud.
- All communications between Cisco Webex apps, Webex Room devices and the Webex Cloud occur over encrypted channels.
- Once a session is established over TLS, all media streams (audio VoIP, video, screen and document share) are encrypted.
- For businesses requiring a higher level of security, Cisco Webex also provides true end-to-end encryption for meetings. With this option, the Cisco Webex Cloud does not decrypt the media streams sent by your Webex Meetings application.
- Cisco processes and stores recordings, transcriptions and closed captioning data in-house and never compromises customer data by outsourcing to a 3rd party.
In comparison, Zoom has a history of security issues that have compromised user security. The organization doesn’t appear to have security governance and security doesn’t seem to be embedded into the organization as a cultural value; they prefer to wait until getting caught and called out on security issues prior to warning users.
- Zoom meetings are not secure and the result is uninvited participants can enter the meeting. Due to the frequency of this situation, the term Zoombombing was coined to describe the experience. (Update 4/5/2020: Zoom is now requiring meeting PIN numbers by default, however, these can easily be disabled.)
- Content shared in a Zoom room is not encrypted.
- Zoom’s hybrid authentication approach allows employees to add their non-company identity such as a gmail account as a full admin outside of the IDP/corporate domain structure.
- Transcripts from Zoom Meetings are outsourced giving confidential meeting information to an organization that may have questionable security policies.
Data Privacy Comparison
In contrast, Zoom shares data with 46 third-party advertising partners including Facebook and Google. Zoom used SDK integrations that sent user data to Facebook. When they got caught, they fixed it by using TrustArc to get consent to use your data for their third-party partners. TrustArc makes it difficult to opt-out of sharing your data during the consent process.
Webex Wins in Security
Cisco builds in security from the ground up, has security processes and governance in place, and continually invests in security. Meanwhile, Zoom only reacts to security issues when they are forced to respond.
Webex Wins in security and user experience. When you choose Webex, you’re getting the industry’s most secure collaboration platform. You’re getting all the protection and best practices from Cisco’s world-class security teams. When user data is on the line, companies chose Webex.
Acadia Technology Group is a Cisco Premier Certified Partner with decades of experience, We’ve built our reputation on client-centered service, and we’ve delivered bullet-proof solutions to some of the largest corporations and institutions in America. And we bring a legacy of insight, sound judgment and historical perspective to every engagement.
Contact our experts to learn how we can help you.