Cisco Spark Security

by Dave Michels

Today, Cisco made its first major announcements on Spark since its January launch of the Spark Board. The company says there are more major announcements still planned for this year.

Cisco’s announcements fall into two broad categories:

  1. Security
    1. End-to-end message encryption plus compliance features
    2. Mobile device security on non managed devices
    3. Security improvements for on-prem data
  2. Analytics


The key to these enhancements is the new Spark Control Hub – a centralized Spark administration tool. It comes in basic or enhanced known as the new Pro Pack for Control Hub.

There’s quite a bit to today’s news – the press release is five pages.


First, it’s about frick’n time.

The Cisco Collaboration team has been focused on Spark, but has little to show for it. There was no Collaboration Summit at the end of 2016. The Spark Board got all of the attention in its January 2017 launch event. Cisco Live in June was dedicated to the new intelligent networking stuff.

New TelePresence room systems got the spotlight at Enterprise Connect in March (there were a handful of relatively minor Spark features announced there).

The workstream messaging market is getting crowded and many of these solutions look alike. The vendors/providers are differentiating in nuanced ways in hopes of hitting on something significantly important to the customer.

Cisco is hanging its hat on security. I believe this will become very important, but there’s so much noise right now it’s hard to understand.

Every solution effectively touts high-security with strong encryption. Cisco’s approach is legitimately different, but it requires explanation. The short version is that unlike other workstream messaging services, not even Cisco can see the encrypted content.  This is similar to Apple and its iPhone. Remember when the court ordered Apple to break the encryption on an iPhone?  It wasn’t possible with the current software, so effectively the court was ordering Apple to create a new upgrade that would break security – Apple refused. That’s a fresh break from all the hacks we read about daily. There’s a lot of bad people in this world, so it’s nice to be able to trust your provider – by not trusting them.

Meanwhile, companies that can hack their own security are often forced to via court order. There have even been cases where the provider was told to hack into accounts without notifying the customer. It’s actually bigger than nefarious spies. I had a friend that worked at my bank, and I always wondered if his curiosity extended into my account.

Cisco is building out its security story in multiple ways: role based security, customer controlled KMS, compliance offers, onsite data, DLP tools, Okta and Ping integration, and more. Central to all of this is Spark’s end-to-end security. This is not the same as storing encrypted data and transmitting encrypted data (with decryption in between).

Jonathan Rosenberg, CTO Cisco Collaboration, did a keynote on this at Cisco Live. Below, is my take on what Rosenberg said.