Cisco's Meggers Talks Secure Cloud Collaboration
In a conference room at Kissimmee, Florida's Gaylord Palms hotel, Jens Meggers is leaning forward to explain Cisco's latest collaboration technology. "Connecting people by providing tools for the digital workplace is the core of our DNA. And people think, gosh, you people got recently into collaboration? No we didn't. We were there at the forefront when IP telephony was created," he said. Fifty feet away, alligators sunned themselves in the hotel atrium, but Meggers ignored the toothy reptiles to focus on how humans can better work in teams.
As SVP and GM for Cloud Collaboration Technology at Cisco, Meggers is here to deliver a keynote address at Enterprise Connect 2017. But in this conference room, 21 hours ahead of the keynote, Meggers seems eager to explain how collaboration has become one of the hottest product categories in the enterprise. "People have voted, they want to use messaging to communicate at a very high frequency," he said. Meggers then explained that messaging behavior is expanding from the consumer world into the enterprise. "That's why we see in the consumer space billions of users on Facebook and WhatsApp, and like that. It's a very, very effective way to communicate," he said. "Email can't do that."
Email fails for collaboration, Meggers said, because it was never designed to be a high-frequency communication medium. "When I ask people in a corporation, they normally say 45 minutes to one hour is the acceptable return [time] for an email," he said. "It was designed as a replacement for physical mail, where there was a long time for a round trip, and it's used as a chat tool."
It's this use case that causes problems for email users. "It's used as chat messaging -- minutes for answers," Meggers said. "Sometimes you have these really fast email exchanges when it gets really heated; people answer, answer, answer, answer, and within five minutes you have 15 emails. It has not been designed for that."
"That's why people are so stressed out about email, because it doesn't work that way. It worked very well, and still works very well, for the stuff it was designed for," said Meggers. "That's why people are converging to new methods, chat and business messaging, to fulfill the need for very fast interaction of messaging," he said.Security questions
One of the advantages some see email holding over messaging is the years of security and regulatory practice that has gone into protecting email systems. Meggers acknowledged email's head start but expressed optimism about collaboration and messaging security potential. "The good news is we found that a lot of what was developed for email over the years is also working for messaging," he said.
As an example, Meggers talked about the retention, archiving and e-discovery methods for messaging. "Here are a lot of products that allow this for email; the retention process, searching, and all of the compliance effort you can do in these archiving systems. A lot of these also work for messaging, so we're pretty successful at integrating messaging into these kinds of systems," he said.
The next big question involved securing collaboration messages from interception and theft by outside actors. In this area, Meggers said that email isn't as secure as many users assume. "This is an interesting thing because email is not even closer to being perfect. If you use a POP3 email on an airplane you're in big, big trouble, for example," he explained.
With Cisco Spark, the company has taken an expansive approach to securing the messages. "What we're doing with Cisco Spark is bringing end-to-end encryption to a whole new level," he said. "What we're doing with Cisco Spark, and as far as I know we're the only vendor doing this -- it took us years of engineering to get this right -- is full, end-to-end encryption," Meggers said, adding, "That means we're encrypting on the device, pulling a key from a separate key-management server, sending it to the cloud, and it never gets decrypted."
Asked to explain how constant encryption works when functions like exfiltration control, filtering and search are required, Meggers leaned forward and quickened his explanation. "There is a lot of problems that needed to be solved to make this work," he began. "You mentioned compliance and e-discovery and filtering. So what we're doing is saying, 'I want to make sure no sensitive information is being published.' What you can do is, once you bring the information into an archiving system, the archiving system can pull a key from the key management system and decrypt the information. It can decrypt it on the premises of, or under the control, of the organization that actually owns it," Meggers explained.
"The other thing we had to figure out was search. Because now you can say, if you encrypt everything, how do you search?" Meggers continued, adding in an understatement, "That was a really, really, big deal." In broad terms, he said, "We had to come up with an encrypted search tree. So we're actually able, in Cisco Spark -- and it took us quite a while to engineer this thing -- we're able to search in an encrypted search tree." Settling back a bit, he admitted, "This end to end encryption didn't necessarily make our jobs easier over the last year, I can tell you that."21 hours later…
On stage the next morning, Meggers turned his speech to topics other than encrypted search trees. "Experiences are all that matter in this industry," he said at the beginning of his presentation. As an example, he used portable music players beginning with the large "boom box" portable systems of the 1970s. There were incremental improvements through the Walkman through to the iPod, but none changed the shape of the world. "When did we see a really big improvement?" he asked. "When we got the powerful clouds that let us listen to any song. That's a crazy, exponential experience. It never got shipped officially, just suddenly we had the experience. The thing that happened was that the technology became invisible."
Meggers then moved to demonstrations of the Spark systems and functions now available, and included technology like VR meeting rooms that are in development today for future availability. He talked about security and ease of deployment, finishing with the importance of the 20 Cisco data centers around the world for 140 ms (or better) latency for every Spark video call.
The keynote addressed ended with a familiar quote from Arthur C. Clarke; "Any sufficiently advanced technology is indistinguishable from magic." In collaboration, Meggers said, "We have to make the technology invisible and get close to magic." The attendees at Enterprise Connect applauded. The alligators continued their naps.
— Curtis Franklin, Security Editor, Light Reading