The phrase “lowest common denominator” cuts two ways. On the one hand, it’s what you use to solve things, both in math and in communications, especially between disparate enterprises. The public switched telephone network (PSTN) is the original lowest common denominator for communications, which is why it’s still around. When all else fails, you can always make a phone call.
A new type of lowest common denominator has been emerging in the more advanced realms of enterprise communications. Audio-only bridges—the old PSTN-based lowest common denominator for multi-person, multi-site meetings—are being replaced by collaboration applications that connect participants who can join over the Internet from wherever they are. You can join via voice-only, but you also have the option for video.
These sessions often run off of an enterprise’s private implementation of a platform like Microsoft Skype for Business, or sometimes off an account with a cloud-based video/collaboration system like Zoom or BlueJeans. The lowest common denominator is that, if you’re external to the company whose system or account is hosting the meeting, you can join either by going to a URL on your Web browser, or by downloading an application.
And that’s where the dark side of the lowest common denominator comes in. The PSTN was a uniquely secure network, one whose attributes the more open Internet can’t match (because then it would be as closed and static as the PSTN has always been). And as UC analyst Sorell Slaymaker writes in a recent No Jitter post, it turns out that UC applications and websites are no different from any other Internet-borne code that your users need to be wary of. He writes of a company where “a user had downloaded a UC client from an unknown source that had malware in it.”
Sorell’s not able to give specifics on the user or application, and I haven’t seen any indication that the above-mentioned systems—or any other in particular—has had this sort of problem when users try to participate in a session that their enterprise isn’t hosting. But the larger principle, fundamental to all network security, now clearly should be applied to communications as well. As Sorell puts it: “The next time you download a UC client, think twice. Do you trust the source? Do you have something in your network that will detect when your device is misbehaving?”
Ever since voice started moving onto IP networks, we’ve been aware that communications would be vulnerable to all of the security concerns that plague any other application running on an IP network. We’ve recently started to see some more interest in the topic at Enterprise Connect, so we’re planning to beef up our programming on security at Enterprise Connect Orlando 2019.