A TWO-PART SERIES ON THE SECURITY OF NETSAPIENS PRODUCTS
“There’s no silver bullet solution with cybersecurity, a layered defense is the only viable defense.”— James Scott, senior fellow, the Institute for Critical Infrastructure Technology
Part 2: How would you hack your own system?
“Security and privacy are not an afterthought when it comes to building our products,” says Kevin Selkowitz, a senior director of solutions engineering at NetSapiens. He believes the best approach to developing and maintaining products with strong protection is to assume the identity of a hacker.
“I always think, ‘How would I hack my own system?’ Every IT manager should do that.”
A holistic approach to security
According to Kevin, when it comes to designing NetSapiens products, “We have a holistic approach to security. With SNAPsolutionⓇ, we have a UCaaS platform that’s a big product that you can do a lot with. It’s not a phone system, it’s a toolkit that’s open-ended, flexible, and dynamic,” states Kevin.
In order to maintain its power as a platform, Kevin says that security and privacy are vitally important. By separating security into two key aspects—fraud protection and privacy, NetSapiens divides and conquers the challenges of keeping solution providers secure and their customers’ privacy protected.
“Carriers worry about fraud while end users (customers) worry about privacy,” says Kevin. “NetSapiens worries about both fraud and privacy as well as the other security risks and when we build our products. They are always top of mind.”
A secure and reliable platform
When it comes to cloud-based communications, reliability is one of the top metrics that supports high-satisfaction ratings from service providers and end-users. The ultimate goal is to provide communications solutions that allow customers to communicate with anyone, anywhere at any time—especially in times of emergency and upheaval.
NetSapiens uses geo-redundancy to ensure business continuity. If a piece of equipment fails or an entire data center goes offline, workloads are immediately transferred to backup devices and locations, without disrupting or interrupting service.
How does geo-redundancy work?
By distributing mission-critical infrastructure like servers across multiple data centers in different geographic locations, NetSapiens lessens the risk of disaster in one area taking down an entire network. And with multiple, geographically dispersed nodes and seamless fail-over capabilities, NetSapiens eliminates the need for system maintenance downtime. This architecture also offers superior disaster recovery and business continuity capabilities.
Data center security
NetSapiens data centers are staffed in part with military-trained security personnel. They adhere to the various applicable military standards regarding security coordination, physical security policy, security procedures, and crime prevention. NetSapiens security officers conduct regularly scheduled exercises and inspections at the data centers to ensure the physical sites are well-protected.
These data centers also boast control ingress and egress security at authorized entry points via an interlocking door controller. The systems use a minimum of two doors working in tandem. When one door is unlocked the other door automatically locks. This is a way to control the flow of foot traffic and provide pass through authentication and authorization via multi-factor biometrics.
Security is of paramount importance to NetSapiens. For disaster recovery and risk mitigation, the baseline infrastructure of SNAPaccel is platform, solution, and service agnostic. Using diverse hardware, software vendors, and providers, multiple data center vendors make up the backbone of SNAPaccel.
NetSapiens has ensured the servers—which make our SNAPsolution UC feature delivery possible—have clear power, cooling, and network advantages, and high-risk mitigation.
NetSapiens products allow for customizing alerts. For example, when a phone changes country or when there are concurrent interactional calls using the same number, the service provider can be alerted.
Partners not into crime
To extend its products’ value and benefits, NetSapiens has partnered with TransNexus to deploy its telecom solutions that include:
- Toll-fraud prevention – to stop attacks before there are any fraud losses
- Robocall prevention – to stop annoying robocalls to improve customer satisfaction
- STIR/SHAKEN – to easily comply with the TRACED act
- TDoS prevention – to stop telephony denial-of-service attacks from impacting your customers
- Least cost routing – to save 70% or more on termination
These solutions are available with TransNexus ClearIP, a cloud-hosted platform. ClearIP is tightly integrated with NetSapiens, easy to use, and can be deployed quickly.
Lists of NetSapiens product security features
- Secure portal
- Transport layer security
- SRTP audio encryption
- STIR/SHAKEN support (FCC mandate)
- Requires passcode
- SSO/two-factor authentication
- Requires passcode option
- Requires invitation or registration to join
- Signalling secured using WebSockets
- Media secured via DTLS/SRTP
- 5 layers of access control
SNAPaccel security features
- Top-tier data centers with 7-layers of physical security to hardware.
- Multi-Layer Network Security
- Public-Private Network Separation
- Infrastructure Security Standards
- Global Security-Centric SOPs
- Access Control Tracking
- Change Control Procedures
- Compliance-Focused Engineering & Operations
- OS-level security patching
NetSapiens’ commitment to security is one of the reasons SNAPsolution is the fastest growing platform in North America per market research from Frost & Sullivan, May 2021. Its customers appreciate the holistic approach and willingly go on record to praise the company.
Read Part 1 of the Security of NetSapiens Products: “Only the Paranoid Survive”