From your office phone system to your headset, work securely.
Wainhouse reviews compelling reasons – like being up to date with security and compliance regulations – why you should update your Cisco IP phone.
Awareness of privacy and data protection issues among customers, employees, partners, policy makers and the media has significantly increased over the last few years. The general catalysts have been data breaches, mishandling of data, and regulatory reform. Using “state-of-the-art” technology to lower your potential risk of processing personal data may allow you to stay up to date with recommendations, like TLS 1.2.
Payment Card Industry Data Security Standards (PCI DSS) is a set of security standards devised to safeguard all companies that accept, obtain, process, save or transmit credit card information. It applies to organizations of all sizes with any number of online transactions that accept, pass on or store cardholder information – this could be via the phone, internet, or any other means.
Organizations could be at a serious risk for data breaches if they are non-compliant to this regulation. Furthermore, if an organization is found to be non-compliant, it could be fined anywhere between $5,000 and $100,000 per month. These violations could also incur huge card replacement costs and in-depth investigations into the non-compliant business.
The EU’s General Data Protection Regulation (GDPR) imposes financial penalties for data breaches and mishandling of personal data. Using “state-of-the-art" technology is suggested for those businesses that want to lower the risk associated with processing personal data. IP Telephony utilizes industry standard encryption mechanisms such as TLS 1.2 to encrypt traffic to and from VoIP handsets.
Violations on certain articles of GDPR carry fines of up to €20M or up to 4% of total global revenue of the preceding year, whichever is greater.
As part of the Health Insurance Portability and Accountability Act (HIPAA), the Privacy Rule exists to assure that individuals’ health information is properly protected while allowing the flow of health information needed to provide and promote high quality health care and to protect the public's health and wellbeing. The Privacy rule applies to any health care provider (the covered entity) or business associate who transmits health information in electronic form in connection with transactions for which the Secretary of HHS has adopted standards under HIPAA1.
Organizations that fail to comply with these regulations run the risk of fines or criminal charges.
PCC DSS v3.2, HIPAA, and GDPR advise organizations to safeguard individual’s personal data. Customers using Cisco endpoints and Cisco Unified Communications are encouraged to develop action plans in order to comply with this guidance. This may include activities such as identifying devices and software that do not support TLS 1.2, and developing a plan to upgrade, reconfigure, or replace them.
Many older IP phone models are not able to keep up with security and compliance standards. However, the latest Cisco IP phones reduce regulatory compliance risks and provide the latest technology with the option to be on-premises or cloud.