No 2 | 2015

Unified communication and collaboration


Many of us may have difficulty remembering the last time we phoned someone from a call box. Back then we used to have change or a prepaid card in our pocket. We knew our business partners' landline numbers by heart and reached them at the office. The functions of a phone were confined to voice communication. In the meantime, we live in an age in which smart phones are omnipresent and life without them would be inconceivable. Phoning is just one of several communication options of equal value. This turn of events is promoted by the "IP everywhere" trend. The Internet Protocol (IP) is the basis for widely varying means and channels of communication today, from Voice over IP (VoIP) to messaging services. And that is precisely what makes the potential of unified communication and collaboration so huge.

Successful usage model for communication and collaboration

UCC – the trend

Being reachable anywhere at any time on any terminal device with just one number is not a scenario for the future – it is present-day reality. Transactions are processed by virtual teams and information is shared over desktop computers, tablets or smart phones independent of time and location. These practices result in new forms of collaboration as well as optimised and more efficient processes. The key to all these changes is unified communication and collaboration, a standardised application environment. Besides the advantages it brings in productivity and costs, it also offers a high level of convenience for users. For instance, multifunctional mobile devices consolidate different services such as (video-)telephony, instant messaging and e-mail, and presence status information indicates the availability of the desired network participants when a video conference is being called.

Dear Readers

Unified communication and collaboration, or UCC, is a worldwide trend. The resulting new forms of collaboration give rise to optimised processes and greater comfort and convenience for users.

A standardised application environment also poses potential hazards, however. Information security is therefore a pivotal issue in the design and implementation of UCC architecture.

You can read about the challenges UCC operators face and about the crucial factors for success in UCC roll-outs in the interview with Ruggero Crameri, Head of Future Collaboration at Swisscom.

I hope you enjoy reading this latest issue of CryptoMagazine.

Giuliano Otth

President and Chief Executive Officer

Successful usage model for communication and collaboration

Risks and adequate measures in information security

Challenges faced by UCC operators

IT security in the eyes of the law

Interview with Ruggero Crameri, Head of Future Collaboration, Swisscom

LTE – a further step into the future of mobile communication

Secure Voice System: perfect combination of security, convenience and performance

Publication details

Published three times a year | Print run | 6,200 (German, English, French, Spanish, Russian, Arabic)

Publisher | Crypto AG, P.O. Box 460, 6301 Zug, Switzerland, www.crypto.ch

Editor-in-chief | Tanja Dahinden, Crypto AG, T. +41 41 749 77 22, F +41 41 741 22 72, [email protected]

Reproduction | Free of charge with the consent of the editorial office. Courtesy copies requested. Copyright by Crypto AG

Illustrations/photo credits | Crypto AG: pp. 2, 20 | Shutterstock: cover, pp. 3, 11, 13, 15, 21 | Swisscom: p. 17

Focus


Anyone interested in implementing unified communication and collaboration (UCC) in their organisation faces several challenges at once. What exactly is UCC? What added value does the new technology offer? And what about the security of information that warrants protection? How secure is that information in an end-to-end network that connects everything with everything else via Internet Protocol (IP)?

Urs Kürzi | Customer Segment Manager

[Figure: UCC network with security zones. Labels: Public Zone, Confidential Zone, Confidential Zone Infrastructure, High Secure Zone, Perimeter; Government HQ, Government Large Office, Traveller (national/worldwide); Secure Voice; Secure Connection, Plain Connection; UCC Edge, Session Border Controller, Call Manager, Red Enclave Gateway, Internal UCC Core Server, Confidential UCC Server, Data Servers, L2/L3 Network, Local Telco, WLAN, 3G/4G Mobile Data; IP VPN Encryption, Voice Encryption; VoIP Phones, Workstations, Secure Mobile Phone.]

Tried-and-true physical phones are disappearing from desks and being replaced by software phones on desktop computers, smart phones and tablet computers. Computers that can be hooked up to a headphone/speaker set are the major work instruments in a UCC infrastructure. Callers click their mouse on the contact-list number of the person they want to phone and then talk or chat with that person. In the age of UCC, collaboration means that people at both ends of the line see the same document on their own screen and can work on it online. Or they convene a video conference with real-time transmission of images.

In a unified communication and collaboration network with standardised networking via IP, the different user groups are strictly separated into security zones. In the high-security zone, encryption is consistently carried out from end to end. In the confidential zone, encryption is taken care of in the background for users without them having to dispense with the convenience of UCC. Of course, calls can be made to zones with a lower or higher classification but only via a strongly protected perimeter.

Requirements-based security

Security is a highly relevant aspect of processing, transmitting and storing information. The public became much more aware of this fact as the events above unfolded. How secure is a phone call or a national, or even global, video conference based on a standardised application environment? Is it possible to determine the channels through which myriad IP data packets are sent? Is information being protected (for example, a business plan of a spin-off or a still unpublished financial report)?


Data classification is a best-practice approach to this matter from the field of network architecture. In the course of this process, it is specified which information requires which level of protection. Corresponding hierarchical classes are formed to cover the respective sets of data sharing the same attributes and needs of protection. Finally, concrete security actions are defined for each classification level (say, "secret", "confidential", "internal use only"). For instance, confidential information must be encrypted before being sent or secret information is accessible only to a certain group or to certain platforms.

For information within the organisation to be treated in accordance with its classification level, the information and communication infrastructure must be set up in a way that, first, is acceptable to users and that, second, meets the needs for protection of the given information in everyday business. In actual practice, organisations set up technically separate areas known as security zones that have different degrees of protection. In other words, an adequate security zone is assigned to each classification level. For example, a high-security zone is protected by technical/cryptographic means that are more elaborate than those for a confidential zone. With these various security zones, an organisation can consistently separate the processing, transmission and storage of differently classified sets of information.

In a phone network, the subscribers would like to be able to communicate with all other subscribers. This capability requires a precise network design and carefully considered IT architecture. Gateways group together large sets of subscribers and enable calls to other sets of subscribers. In the process, calls can basically leave the protected network area without the user being aware of this fact. It is therefore essential to set strict rules for voice gateways. For example, it is mandatory to point out to subscribers of a high-security zone that the party they are talking to has redirected the call to a non-protected phone. Users should be told clearly about the risk that comes from the re-routing of communication.
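The gateway rules described above can be written down as a check on a call path. The following is an added example, not code from the magazine or from Crypto AG; the Leg model, the function name and the sample calls are assumptions made for illustration.

```python
from dataclasses import dataclass
from enum import IntEnum
from typing import NamedTuple


class Zone(IntEnum):
    """Security zones named in the article, ordered by protection level."""
    PUBLIC = 0
    CONFIDENTIAL = 1
    HIGH_SECURE = 2


@dataclass(frozen=True)
class Leg:
    """One leg of a call path as a voice gateway might record it (hypothetical model)."""
    src: Zone
    dst: Zone
    encrypted: bool
    via_perimeter: bool = False


class Verdict(NamedTuple):
    allowed: bool
    warn_caller: bool
    reason: str


def evaluate_call(legs):
    """Apply the zone rules to a call path, including any redirect legs."""
    if not legs:
        raise ValueError("a call needs at least one leg")
    for i, leg in enumerate(legs):
        if i and leg.src != legs[i - 1].dst:
            raise ValueError(f"leg {i} does not start where leg {i - 1} ended")
        # Rule 1: a call may change zone only through the protected perimeter.
        if leg.src != leg.dst and not leg.via_perimeter:
            return Verdict(False, False,
                           f"leg {i}: {leg.src.name}->{leg.dst.name} bypasses the perimeter")
        # Rule 2: traffic that stays inside protected zones is always encrypted.
        if min(leg.src, leg.dst) >= Zone.CONFIDENTIAL and not leg.encrypted:
            return Verdict(False, False,
                           f"leg {i}: plain connection inside protected zones")
    # Rule 3: a high-security subscriber must be told when the call ends up
    # on a non-protected phone, for example after a redirect.
    leaves_protection = any(leg.dst == Zone.PUBLIC or not leg.encrypted for leg in legs)
    warn = legs[0].src == Zone.HIGH_SECURE and leaves_protection
    reason = "call reaches a non-protected phone" if leaves_protection else "protected end to end"
    return Verdict(True, warn, reason)


# Constructed sample calls.
INTERNAL = [Leg(Zone.HIGH_SECURE, Zone.HIGH_SECURE, encrypted=True)]
REDIRECTED = [
    Leg(Zone.HIGH_SECURE, Zone.CONFIDENTIAL, encrypted=True, via_perimeter=True),
    Leg(Zone.CONFIDENTIAL, Zone.PUBLIC, encrypted=False, via_perimeter=True),
]
BYPASS = [Leg(Zone.HIGH_SECURE, Zone.PUBLIC, encrypted=False)]
PLAIN_INSIDE = [Leg(Zone.CONFIDENTIAL, Zone.CONFIDENTIAL, encrypted=False)]

if __name__ == "__main__":
    for name, call in [("internal", INTERNAL), ("redirected", REDIRECTED),
                       ("bypass", BYPASS), ("plain inside", PLAIN_INSIDE)]:
        print(name, evaluate_call(call))
```

The redirected call is permitted but flagged, which is the case the article singles out: the caller in the high-security zone cannot see the second leg and has to be told about it.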

Integration of maximum security

The bottom line is this: no matter how beneficial the convergence of communication systems and the completely new types of collaboration resulting from it may be for organisations, classified information requires measures to be taken that afford maximum protection. After all, networking all terminal equipment in a way that is standardised and consistent for users places tough demands on networks and network gateways. In principle, every terminal is connectible via IP to every other terminal, whereby every gateway also offers a possibility for attacks. The platforms pose yet another challenge for security managers. Most users generally employ common devices and user software. The broad range of equipment and operating systems increases the risks of attack. Anyone wishing to maintain the sovereignty of his or her information must define in an initial step which information warrants protection and then minimise the risk and the attack vector for this information. This latter task involves the use of a "communication dialect" that a third party cannot understand (encryption) and the set-up of high and very effective "walls of defence" (zones).

Thanks to its highly developed security architecture and its expertise in the field of hardware-based encryption, Crypto AG can ensure the protection of communication networks and of individual applications, such as voice or fax, within an entire UCC environment. As a result, users can safeguard the confidentiality, authenticity and integrity of information worthy of protection. The solutions from Crypto AG can be optimally integrated into the existing infrastructure in the process.

The downside

The "always-on" society has a downside, as everyone knows: every action in cyberspace leaves traces behind. In these times of NSA revelations, Wikileaks, the discovery of back doors in network infrastructure components and systematic data theft, political and economic representatives are highly sceptical about the storage of huge volumes of data. Last year, the European Court of Justice ruled that the controversial guideline about the retention of data was null and void. The guideline called for meta data from phone communications – who called whom when – to be saved for up to six months, so that it could be accessed for the duration of that period to fight and investigate crime and terrorism.

[Figure: dangers and countermeasures for information classified confidential, secret and top secret at a strategic headquarters. Dangers: human failure, spies and hackers, natural disaster, criminal activities; items shown: software errors, social engineering, operating mistakes, extensive data theft, eavesdropping, Trojans, sabotage, terrorism, incidents, earthquake, fire, hurricane. Countermeasures: encryption, backup site, police and counter espionage; items shown: redundant systems, dynamic routing, redundant communication channels, alternate location not in same danger zone, forensic activities, cyber defence and cyber crime programmes, CERT (Computer Emergency Response Teams), analyses and surveys of virus protection providers, international cooperation among crime investigation authorities.]

Risks and adequate measures in information security

Information and communication are gaining steadily in importance in today's world. But information and its transmission are abstract and immaterial in nature. Moreover, the omnipresent availability of ICT services is taken for granted. These factors make it substantially more difficult for people to understand just how dependent society is on a well-functioning, correct information infrastructure. What essentially requires protection and for what reasons? How can information risks be rendered understandable and measurable? These questions are investigated in the article below.

Ralf Winzer | Customer Segment Manager

In recent years, there has been an enormous increase in the significance of information and the use of communication technologies in business and in government, in national defence, but also for the provision of basic supplies and in private life. We can transmit or receive information quickly anywhere and therefore increasingly forget how dependent we have actually become on this immaterial, physically intangible asset called information. It is correspondingly difficult to understand the threats and their consequences and how they can impact ICT infrastructure. The resulting risks must be rendered graspable and measurable with suitable processes and methods.

From what exactly do information and its transmission require protection?

As regards sensitive information, further concepts such as data protection, encryption and protection from undesired tapping and eavesdropping immediately come to mind. But are these the only aspects warranting protection? In information security, there tend to be four goals of protection:

Confidentiality: Actions to prevent information and communication content from coming into the possession of undesired parties. The most common actions involve encrypting transmission channels and data memories but also include locking up sensitive documents or exercising restraint when discussing sensitive topics in public. Confidentiality is usually divided into predefined levels such as "public", "for internal use", "confidential", "secret" and "top secret".

Integrity: Actions to ensure that information is transmitted and received complete and unchanged. In the process, content should not be able to be impaired either through system errors or transmission problems, or through wilful change. Sometimes, not just the information itself is to be protected from manipulation but also the relevant peripheral data such as sender or author, recipient's name, or time sent or received. Actions in these cases are undertaken to safeguard authenticity. Common mechanisms to protect integrity and authenticity include hash values and electronic signatures.

Availability: Actions to ensure that information and communication channels are available when needed. In this context, information must be protected against loss and destruction as well as against non-accessibility. The availability of information and communication channels can be rated according to different benchmarks: the period for which data is kept, the relative availability of a system, mean time between failures (MTBF), etc. Reliable precautions include backup systems, the archiving of important documents in a safe place and the redundant design of transmission routes.

Traceability: Actions not only for ensuring compliance with valid regulatory requirements but also for testing and verifying compliance that stand up to audits. It is much more difficult to act verifiably correctly than just correctly. To ensure traceability, one typically creates audit trails, carries out checks and has independent parties perform periodic audits. For example, the annual financial statements of listed companies or real estate transactions in almost all countries are subject to tougher traceability requirements. In the military, certain verification duties might apply to the use of certain weapon systems and the execution of certain combat operations (long-range cruise missiles, pilot missions, special missions).

The rating and categorisation of the protection needed for a set of information or an ICT system under the goals of protection listed above is designated as classification. All too often, classification is carried out exclusively for confidentiality. A document, for instance, is designated as secret but no mention is made of the period for which it is to be kept.

From hazard to threat, from threat to risk

Companies and government authorities, armed forces and private individuals have information and ICT systems that are assets and objects of protection and assign them a special degree of worthiness for protection based on the above goals of protection. Hazards such as natural disasters, terrorism, technical accidents and also human errors can damage these assets and genuinely threaten them (see diagram above).

Dangers, threats and countermeasures

[Figure: risk matrix. Rows: probability of occurrence (levels 1 to 6); columns: damage (levels 1 to 6); cells: resulting risk value.]

Probability / Damage | 1 Very minor | 2 Minor | 3 Moderate | 4 Substantial | 5 Extensive | 6 Very extensive
6 Highly probable | 5 | 6 | 7 | 8 | 9 | 10
5 Probable | 4 | 5 | 6 | 7 | 8 | 9
4 Possible | 3 | 4 | 5 | 6 | 7 | 8
3 Rare | 2 | 3 | 4 | 5 | 6 | 7
2 Improbable | 1 | 2 | 3 | 4 | 5 | 6
1 Highly improbable | 0 | 1 | 2 | 3 | 4 | 5

[Figure: categorisation of risks by damage (minimal to high) and probability (rare to frequent), with the action for each category.]

RARE CASES | Reduction: prevention as a way of reducing the probability of occurrence
PROBLEMATIC CASES | Avoidance: refrain from taking a risk. Limitation: keep level of damage low
UNCRITICAL CASES | Acceptance: accept risks based on evaluation
ROUTINE CASES | Transfer: risk transfer by way of outsourcing or insurance

Categorisation of risks and actions

Now, how can the risk arising from a threat be recorded and measured? Two aspects of the threat are considered in carrying out this task: how often does the threat lead to an actual damaging event, and how extensive is the damage involved? Basically, every risk can be determined in a simple matrix (see above diagram) using these two variables.

In routine cases that occur frequently or repeatedly (accidents, operating errors, hacker attacks, etc.), the probability of occurrence can be reliably estimated based on past experience. Provisions should be made for systematic actions above a certain amount of damage. For cases occurring only rarely (earthquakes, large accidents, hurricanes, extensive data theft or eavesdropping attacks), it is difficult to estimate the frequency. The questions in these situations are these: Is the event within the realm of possibility? If so, can it have serious or fatal consequences for me? If the answer to both questions is yes, suitable countermeasures are imperative regardless of the probability of occurrence.

The extent of the damage is often difficult to evaluate precisely. Possible valuation criteria include:
• Extent of lost use or profit (failure of a production plant);
• Effort and expense involved in repair or replacement (time and costs);
• Consequences of one's own information falling into the hands of unauthorised parties; and
• Consequences of strategic ICT facilities not being reliably available.

Regardless of whether the degree of damage is expressed in monetary terms, the two top levels of damage each involve existentially threatening or seriously dangerous situations. For instance, strategic information systematically falling into the hands of a political or military enemy can pose an existential threat to a country.
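The matrix and the rule for rare but serious events can be applied to a small risk register, as in the following added example, which is not part of the original article. The cell formula (probability level plus damage level minus 2) is read from the matrix figure; the action threshold of 5 and the sample threats are assumptions.

```python
from dataclasses import dataclass

EXISTENTIAL_DAMAGE = 5  # the two top damage levels (5 and 6), as described in the article
ACTION_THRESHOLD = 5    # assumed cut-off for "systematic actions"; not given in the article


@dataclass(frozen=True)
class Threat:
    name: str
    probability: int  # 1 (highly improbable) .. 6 (highly probable)
    damage: int       # 1 (very minor) .. 6 (very extensive)


def risk_value(probability, damage):
    """Cell value of the matrix: probability + damage - 2, giving 0..10."""
    for level in (probability, damage):
        if level not in range(1, 7):
            raise ValueError(f"level must be 1..6, got {level}")
    return probability + damage - 2


def assess(threats, threshold=ACTION_THRESHOLD):
    """Return (name, value, decision) rows, most urgent first."""
    rows = []
    for t in threats:
        value = risk_value(t.probability, t.damage)
        if t.damage >= EXISTENTIAL_DAMAGE:
            # Possible and potentially fatal: act regardless of probability.
            decision = "countermeasure required"
        elif value >= threshold:
            decision = "systematic action"
        else:
            decision = "accept"
        rows.append((t.name, value, decision))
    order = {"countermeasure required": 0, "systematic action": 1, "accept": 2}
    return sorted(rows, key=lambda r: (order[r[2]], -r[1]))


# Constructed sample register.
REGISTER = [
    Threat("operating error", probability=5, damage=2),
    Threat("eavesdropping on strategic communication", probability=2, damage=6),
    Threat("earthquake at headquarters", probability=1, damage=5),
    Threat("short outage of a meeting-room display", probability=3, damage=1),
]

if __name__ == "__main__":
    for row in assess(REGISTER):
        print(row)
```

The earthquake scores 4, below the frequent operating error at 5, yet it is ranked ahead of it because its damage level is existential; ranking by the matrix value alone would hide exactly the cases the article says must be handled regardless of probability.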


Actions can be taken and implemented in accordance with different risk strategies (see above diagram).
• Risk prevention: The actions preventively prohibit the threat almost entirely. Example: Strongly encrypted communication effectively precludes a successful eavesdropping operation.
• Risk mitigation: The action reduces the probability of damage or the extent of damage. Example: Redundant systems at separate locations with redundant connections.
• Risk transfer: The risk is transferred to another party, typically an insurance company.
• Risk acceptance: The risk or residual risk (after suitable actions are taken) is only slight and can be accepted. Example: A communication disruption for the levels "confidential" and "secret" is tolerated for up to 30 minutes per quarter.
• Risk denial: Denying a threat ("That has never happened before!") is not a viable risk strategy in a narrow sense but is more common than is often assumed.

Example of a risk matrix

A networked method of working is increasingly asserting itself in all areas of the military, the civilian authorities and also the private sector. Today's world is inconceivable without terms such as Network Centric Warfare or unified communication and collaboration (UCC). The convergence to all IP is part of this trend. In other words, all types of communication (voice, media streaming, computer networks) are shifting to common cables and protocols. This change, in turn, is causing a massive concentration of risks on the communication infrastructure. Consequently, the clear definition of safety needs (classification) for individual types of communication is becoming pivotally important for protecting the interests and security of the state and society. So too are the identification of possible dangers and threats and the determination of risks resulting from them. Special attention must likewise be paid to the protection of sensitive information against undesired access or inadmissible manipulation. The secure encryption of data and communication is and remains one of the most effective means of prevention of all.


Challenges faced by UCC operators

It is essential that the individuals responsible for an IT infrastructure define an operating approach for unified communication and collaboration (UCC). When all is said and done, communication services form the nerve centre of every organisation and must be operated in a fail-safe manner. That is all the truer when an IT department is put in charge of UCC voice and messaging services as a core task in the course of an IP transformation.

Urs Kürzi | Customer Segment Manager

Near real-time communication by means of UCC relies on a high-performance IP network. A full user experience cannot be provided and expectations of UCC cannot be met unless there is sufficient bandwidth. Given the needs for mobility, mobile aspects of the infrastructure also have to be kept in mind. Good voice and image quality are ensured by adequate hotspot coverage on campuses and in buildings that is also designed for real-time communication. Only then can mobile equipment be used beneficially for collaboration and for the support of business processes.

In pre-UCC times, voice was a service everyone took for granted and was conducted in networks specially designed for this purpose. Formerly analogue, these networks have now been transformed into a data-based infrastructure. Voice too is transmitted nowadays in the form of data packets. That is common knowledge. Consequently, the "voice service" nerve centre of an organisation is now suddenly a software application on servers. It is managed with the functions of an active directory and utilises payload encryption to ensure the confidential transmission of calls. As a result, responsibilities for voice services within an organisation have shifted in most cases from the telecommunication department to the IT department.

Disturbances are serious in real-time communication because jams or failures in data networks are directly noticeable. As all communication is conducted through the same channel, users have to obtain help by alternative means when a disturbance occurs, i.e. when the soft phones on their desktop computers or tablets suddenly stop working. It is clear that communication is critical for business and that system failures have to be remedied as quickly as possible.

An operational plan helps limit risks

ITIL (IT Infrastructure Library) is an example of a source for best practice approaches for an operational concept tailored to a given organisation. Ideally, UCC architecture is designed to allow the establishment of an operational concept that precisely meets the requirements of the users and types of workstations involved. The architecture defines which services, such as voice and e-mail, belong to the basic functionalities and which services are to be used to what extent on mobile devices such as smart phones. It also specifies that collaboration services (desktop sharing/video conferencing) are reserved solely for desktop computers for security reasons. Incidentally, UCC likewise enables the over-abundance of terminals to be reduced because of the single-number approach used (reachable at a single number). A government ministry defines the nature of its workplace for itself, in other words, which users work with which applications. Based on its mode of operation, it can decide, say, on three types of workstation, all fitted with corresponding communication equipment: desktops, laptops and smart phones. Users allow themselves to be assigned specific services based on their area of responsibility.

How does a chief information officer (CIO) protect his complex convergent infrastructure from possible failures? The ISO 27001 framework sets forth a methodical procedure. It provides information on what is to be protected (asset management) and on what hazards must be taken into account (risk management). It then proposes concrete protective actions derived from this information. A UCC system can be operated as part of a managed service. In this approach, an external local service provider takes responsibility for operation and support. He guarantees the quality and availability of UCC through a service level agreement (SLA). It should be noted that the involvement of an external service provider and the associated security risks must be precisely analysed and considered. The interface with the service provider inevitably necessitates the use of a network transition, which has to be protected. Overall, one can say that the owner of the UCC infrastructure must control any access by the external service provider. The transport layer must therefore be protected and the authentication of the service provider must be determined by the owner.

In a unified communication network that connects every participant with mobile terminals regardless of time and place, security is no longer an option; it is a mandatory requirement.

Key points in the operational concept also include the hotline and the reaction times of the help desk; the procedure for dealing with a system failure and how users can log in and authorise themselves; what interfaces are available for an update of the UCC infrastructure; and the depth of documentation for individual services. Because of real-time communication, requirements from the realm of telephony are many times higher than those applying to earlier networks involving data only. A failure has massive ramifications. Even the smallest disruptions or insufficient bandwidth influence the quality of voice transmission. If an e-mail service fails, it has to be restored within hours whereas a failed voice service has to be restored within minutes at most. A mixed form of self-service and external services is also conceivable. An organisation can perhaps cover the first and second levels of support itself. As soon as technical details of the system come into play, it calls on external service providers for assistance.

Security-first philosophy

In actual practice, aspects critical to security are covered by an organisation's own technical employees, such as the security manager. Highly integrated security solutions with firewalls, session border controllers and intrusion detection offer extensive functions and have several pitfalls in configuration. A correspondingly high level of engineering and expertise must be applied in order to comply with the security policy of an organisation.

[Figure: UCC overview. Capabilities: e-mail, fax, file, instant messaging, social apps, visual communications, collaboration, conferencing, business apps, telephony. Devices: PC, smart phone, IP phone, tablet. Benefits: anytime, anywhere, anyhow.]

IT security in the eyes of the law

There are such things as perfectly kept secrets. Think, for example, of the myths surrounding the recipes of various cheeses and beverages. The companies have always treated the ingredients and recipes as strictly kept corporate secrets. They are locked up in a safe under maximum security conditions and made known only to select individuals. Just as businesses can claim this basis of existence for successful products and companies, so too should a state be able to claim existential matters for itself.

State secrets are facts, objects and findings that are and must remain accessible only to a limited group of individuals. They must be protected from being accessed by unauthorised parties and kept secret from foreign powers to avert the danger of a serious disadvantage for the internal and external security of a country.

The fact is that the threat to the internal and external security of a state has increased in general, for instance, due to electronic eavesdropping operations by foreign governments or due to whistle-blowers in one's own ranks. No effort or expense is too great when it comes to spying out secrets. The new technological possibilities of computer and transmission technology may make work easier but they also pose new risks. After all, computer and transmission technologies are vulnerable. New, previously little known risks are arising in our new information society. For instance, UCC allows everyone to communicate with each other. Even critical infrastructures such as power stations and hospitals can be controlled over the Internet. Protection from cyber risks means that government employees must suitably encrypt their digital information before entrusting it to a private network or the Internet. That way it is safe from being accessed and from being changed by unauthorised parties.

Good governance versus official secrecy

Good governance means an entity, such as a state, acts on the basis of a good control and regulation system. Governance is a term free of any value judgement. Characteristics of good governance include transparency, participation and the rule of law. In 1992, the World Bank published a study in which it presented its own understanding of the term "governance" for the first time and set certain requirements for operational work. The focus was on public sector employees, the significance of the rule of law, the principle of responsibility and the importance of transparency and public access to information about government action.

Much has changed since then. In recent times, more than 80 countries have introduced freedom of information acts or acts on administrative transparency. They grant citizens a subjective right to access official information. They are limited, however, in areas in which personal, political or confidential corporate secrets have to be divulged or which touch upon core areas of national security.

Laws, such as the acts on data protection, the mail and postal services, on telecommunications and intelligence services as well as a national strategy on protection from cyber risks, are crucial to helping users of information and communication infrastructures handle digital data securely in a given country. A clear-cut legal framework and the use of strong cryptography are the main requirements for doing justice to the new technological possibilities such as unified communication and collaboration, known as UCC for short. Once those are in place, one can securely process and transport all levels of classified information in a unified infrastructure.

Ilona Grof | Legal Counsel
Urs Kürzi | Customer Segment Manager

Commercially available mobile terminals are geared to "connectivity first" and connect at the closest hotspot to the core server going into the interior of the organisation. A communication-edge server is the gateway for an organisation for plain text communication from and to the outside world. By contrast, a mobile terminal for secure communication at the level of a government minister follows the precept of "security first", communicating with the interior of the organisation exclusively through encrypted channels. In this case, the gateway to the interior of the organisation is an encryption security gateway. With encrypted communication, the data stream cannot even be read with a network analyser. In addition, the network encryption unit filters out its own encrypted network protocol and discards all other communication protocols. That means only authenticated data communication is accepted. In a unified communication network that connects every participant with mobile terminals regardless of time and place, security is no longer an option; it is a mandatory requirement.

A UCC system connects individuals regardless of terminal, place and time. Information security inevitably becomes the focal point for users and operators in organisations that work with sensitive information.

Training of employees

What good is the best UCC system if users cannot efficiently apply its advantages and UCC is not employed in accordance with security instructions? Not all employees know how to handle new communication technologies. This fact is important to keep in mind. It is therefore recommended that organisations initiate a programme to introduce employees successively to the technical capabilities and advantages of the diverse realm of unified communication and collaboration (UCC). In no time, users will also realise that security is a substantial factor in this context and will appreciate that communication encryption is activated automatically in the background.


Good governance is juxtaposed with official secrecy, which is limited to a defined group of individuals, say, to members of the authorities, the administration, or of course members of the government and other office holders.

In the governmental and political realm, persons are entrusted with confidential information if their area of responsibility gives them access to information declared classified, in other words, confidential or secret. Their duty to maintain secrecy can be regulated generally or by special law. By way of example, staff from certain offices may be obligated to maintain the secrecy of statistics, mail or professional secrets. A violation of this duty of secrecy without legal justification can have consequences under service law and criminal law. Persons who divulge state secrets are usually threatened with long prison sentences. In addition to political reputation risks, liability claims may also be asserted against the civil servant involved, against the administrative agency or against the state.

National security is given special attention. The regulation of the powers of the intelligence services plays a substantial role in politics. Laws on national intelligence services and telecommunication laws regulate, first, the acquisition of information abroad and, second, the monitoring of communication networks domestically. Acquisitions of information abroad without the third state's consent violate that state's territoriality. These actions in particular are extremely sensitive matters that hold the risk of collateral damage. Politically and judicially, these powers and authorisation processes vary in each country but all boil down to one thing: legal issues in digital space make for sensitive territory that has to be regulated. Laws seldom reflect the technical framework that is possible today. They therefore have to be reviewed and adjusted on an ongoing basis.

Security policy

Security policy is a subcategory of policy that takes in all legislative processes of organisational entities in a government. Security policy can impact the networked security of UCC. The Anglo-American term "security policy" refers to technical and substantive methods of preventing and averting threats and damage to the confidentiality, availability and integrity of IT systems. A national strategy to protect against cyber risks is meant to define the essential elements for protecting and defending against cyber risks. It should also set down rules on where means of authentication, signature and encryption should be used to access the widest variety of networks with their technical applications based on classification level and rules on which means they must be. Moreover, a state should be able to detect threats and dangers from cyberspace early on. To this end, national computer emergency response teams (CERTs) have been set up in many countries. They consist of a group of IT specialists and continuously monitor computer systems, the Internet and the critical infrastructure for the presence of viruses and malware. A CERT warns the economy, especially financial institutions, and the government about new types of security gaps in operating systems and applications, about the spread of new viruses and targeted attacks. It offers solutions for the secure use of ICT infrastructures. It provides information about dangers on the Internet and issues situation reports to explain key trends and developments surrounding incidents and events in information and communication technologies. Ideally, these dangers should be taken into account in the government's defence measures.

A state also has a right to secrets.

Classified information

The specific need for the protection of information is regulated in numerous national laws. Data protection law is primarily applicable in this context and is often cross-sectional in character. It can be applied to all governmental, business and personal information. In other words, each document and each item of information is assigned a level of protection in line with its worthiness for protection and its endangerment. When creating a document, the author in each case is responsible for selecting the level of classification that best fits the content. If a system with a tough security requirement is used, it automatically assigns the document the author's personal level of protection. After all, the system is supposed to prevent the author from being able to forward information unintentionally to a lower level of protection. In an IT system of this kind, each user exercises his rights to his set level of power, in other words, the power assigned to him based on the trust placed in him and on his authorised function. He can access all the documents classified at his level. The levels of protection are usually as follows: internal, confidential, secret and top secret. Whether classified documents must be communicated and how is part of the overall governmental concept and the legal framework.
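The labelling behaviour described above, sketched as an added example that is not code from the magazine or from any product it mentions. It assumes the four levels are strictly ordered and that a user may read documents at or below his own level; the class, function and user names are hypothetical.

```python
from dataclasses import dataclass
from enum import IntEnum


class Level(IntEnum):
    """The four protection levels named in the text, lowest to highest."""
    INTERNAL = 1
    CONFIDENTIAL = 2
    SECRET = 3
    TOP_SECRET = 4


@dataclass(frozen=True)
class User:
    name: str
    clearance: Level  # the "set level of power" assigned to the user


@dataclass
class Document:
    title: str
    author: str
    level: Level


class AccessDenied(Exception):
    """Raised whenever a label check fails."""


class LabelledStore:
    """Hypothetical document store that checks labels on every operation.

    strict=False: the author selects the label (the manual case in the text).
    strict=True:  the store ignores the author's choice and stamps the
                  document with the author's own clearance.
    """

    def __init__(self, strict=True):
        self.strict = strict
        self.audit = []  # (action, user name, document title, allowed)

    def _decide(self, action, user, doc, allowed):
        # Record every decision, then enforce it.
        self.audit.append((action, user.name, doc.title, allowed))
        if not allowed:
            raise AccessDenied(
                f"{action}: {user.name} ({user.clearance.name}) "
                f"vs '{doc.title}' ({doc.level.name})"
            )

    def create(self, author, title, requested=None):
        if self.strict or requested is None:
            level = author.clearance
        elif requested > author.clearance:
            # Assumption: nobody may label above their own clearance.
            raise AccessDenied(f"{author.name} cannot label {requested.name}")
        else:
            level = requested
        return Document(title, author.name, level)

    def read(self, user, doc):
        self._decide("read", user, doc, user.clearance >= doc.level)
        return doc

    def forward(self, sender, doc, recipient):
        # Both ends must be cleared for the document's label.
        self._decide("forward-from", sender, doc, sender.clearance >= doc.level)
        self._decide("forward-to", recipient, doc, recipient.clearance >= doc.level)
        return recipient.name


def demo():
    """Same mistake in both modes: a SECRET-cleared author labels a note
    INTERNAL and forwards it to an INTERNAL-cleared colleague."""
    minister = User("minister", Level.SECRET)   # constructed sample users
    clerk = User("clerk", Level.INTERNAL)
    results = {}
    for strict in (False, True):
        store = LabelledStore(strict=strict)
        note = store.create(minister, "briefing note", requested=Level.INTERNAL)
        try:
            store.forward(minister, note, clerk)
            delivered = True
        except AccessDenied:
            delivered = False
        results[strict] = (note.level.name, delivered)
    return results


if __name__ == "__main__":
    print(demo())
```

In strict mode the note is stamped SECRET and the forward is refused; the cost is over-classification, since even harmless content written by that author is withheld from lower levels.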

Is the protection of information in a UCC network guaranteed?

UCC gives a new currentness to the protection of information and to data protection in the narrower sense. The latter regulates the handling of data of natural persons and legal entities and personal data deemed especially worthy of protection. Fitted with the central control of the entire communication system, UCC unifies the different means of communication, such as voice, e-mail, video, instant messaging, fax and SMS. In doing so, it greatly facilitates collaboration between and within government agencies and cuts costs while increasing efficiency and promoting innovation. But UCC does have its drawbacks. With all terminals, such as smart phones, tablets, laptops and desktop PCs, users can access official, possibly even classified information either on the move or in the office. The information can usually be processed and forwarded at will. Another especially critical aspect must be noted. Originally, data networks were designed for self-contained data exchange within organisations. Today, they are being transformed into a phone network for open telephony and messaging services as part of a UCC group. In addition, all data is contained in unified digitalised form on the servers of the system. This set-up could tempt people to analyse millions of data sets and create profiles from them.

The question therefore arises as to how basic legal conditions can be implemented and asserted in the reality of a UCC network. Do laws have to be adjusted to the new technical capabilities? The solution to the problem is two-fold: an up-to-date legal basis and cryptography. As regards laws, it is up to the legislative branch to draw them up and bring them up to date. As regards cryptography, use is made of national algorithms. In the framework of the security plan and supplemented by a multilevel classification system on the part of the government, these algorithms give rise to a bundle of resources with which official acts, projects and defence plans on national security can be efficiently isolated from the public, so that government-level secrets can also be kept secret. After all, a state also has a right to secrets.

A clear-cut legal basis helps to avoid or minimise IT risks.


What role does Swisscom play in the introduction and operation of UCC?

Swisscom is among the pioneers in Switzerland in the field of UCC. We introduced UCC in 2010. Today, 20,000 employees work with it. Back then, UCC was a completely new means of communication. Today, life would be inconceivable without this communication channel.

Which UCC services has Swisscom itself already introduced or is planning to introduce?

We are constantly further developing and improving UCC. Since its roll-out, the employees have used Skype for Business. We are communicating in smarter ways and always within a context thanks to functions such as desktop sharing, instant messaging, PC telephony as well as video and phone conferences. If an employee receives an e-mail, is working on a Word document or sees a document at SharePoint or on the Intranet, he can immediately contact the author using UCC, chat with him directly and ask him questions, communicate by video or share desktop content. With the presence status, he always knows whether the other person is reachable, busy or absent. Today, we even go one step further. With "Ask the brain", we have created a knowledge networking environment. Employees can ask questions there on all possible topics. If experts defined for the issues are free, a chat is started with them and they are asked a question.

What changes in communication and in work methods does UCC bring with it?

UCC fundamentally alters the type of communication that occurs. Today, Swisscom employees can basically choose where, when and with what device they want to work. Everything is possible: working at the office, at home or on a train. Today, phone conferences are standard and often replace meetings requiring people to be physically present. For instance, in April 2015 nearly 50,000 phone conferences were conducted involving more than 155,000 participants. But collaboration is much more than starting a phone conference or sharing screens. I like quoting a 16-year-old commercial apprentice on this subject. She summarised so aptly what she and her generation understand collaboration to be today:

"We want to have free access to information, find our knowledge and above all, openly share our knowledge. We want to be able to network this knowledge, not just internally but also with customers and partners, in other words, with the rest of the world. To do so, we need spontaneous means of communication with which we can collaborate directly and virtually in an independent way. We want independence regarding the devices we use. My colleague prefers his Mac, I like working with the Ultrabook and someone else might opt for a tablet. And we must be able to work flexibly everywhere. At the office, at home, in a restaurant, on a ship. Wherever."

These points also roughly express the Swisscom vision of collaboration. The Group Executive Board embarked with us on this Collaboration@Swisscom project, setting off on a journey whose exact outcome and route we were unable to predict back then. We did not take this step based on a business case. We knew that would have nipped many ideas in the bud. Instead, we took a courageous step towards limitless collaboration and promised the project team trust and the freedom necessary for implementation.

How can UCC be judged from an economic perspective?

UCC also brings economic advantages. Swisscom estimates that UCC saves eight million Swiss francs a year in travel expenses and another five million a year from optimisation of office space and access costs.

Did you encounter any kinds of opposition to the introduction of UCC and its operation?

The introduction of communication and collaboration solutions is more than just a technological undertaking. New forms of collaboration always require, or trigger, a change in corporate culture. UCC is revolutionising the manner in which people are collaborating. This change, in turn, is putting its stamp on corporate culture. That is precisely why UCC projects should be declared matters for the boss. Top management must have clear notions of what collaboration in the company will look like in future. It is only with an understandable vision that we will succeed in convincing the employees of networked communication and collaboration and in introducing flexible forms of work. Innovations of this type cannot be implemented overnight. That is obvious. At Swisscom the transition took about two years. The biggest challenge was not the technological conversion but rather the coaching of employees and, thus, change management.

"UCC fundamentally alters the type of communication that occurs."

Conducting the interview was Tanja Dahinden | PR & Corporate Communications Manager

Interview with Ruggero Crameri, Head of Future Collaboration, Swisscom

How important were training sessions or the training of employees in connection with UCC?

The training of employees is the name of the game. It takes time for new technologies to be accepted. It takes even longer for employees to make actual and consistent use of unified collaboration and communication. Drawing on this knowledge, Swisscom has already professionally assisted several renowned Swiss corporations on the road to UCC-based communication and collaboration – with the involvement of the young generation.

How important do you think information security is?

Information security is a highly significant factor in all our projects. Striking a balance between usability and security is not always easy. For instance, we had to forgo sending files via Skype because of technological challenges. But we were able to activate all other functions for our employees without having to accept any losses with respect to security. The term "security" is understood much more broadly in UCC, however. The task is to show the employees that UCC is not for monitoring and control but rather for easier communication and more efficient collaboration. A cultural transformation is needed before this step can be taken. Personnel representatives and especially Human Resources play a key role in these efforts.

What actions and mechanisms can help to ensure that information is treated in accordance with its classification in connection with UCC?

We can create workspaces in the collaboration environment that are accessible only to a certain group of users. Classified documents can also be deposited there, for example, to be sure they do not fall into the hands of unauthorised parties.

Based on your experience, what recommendations can you give to other organisations interested in introducing UCC?

Do not view UCC as a technical project. Always put the main focus on people. It is people who have to be persuaded – and who can help UCC to succeed by making efficient use of the new tools.

Since 2009, Ruggero Crameri, Head of Future Collaboration at Swisscom, has spearheaded the project on unified communication and collaboration (UCC) at the leading telecommunication company and biggest provider of ICT solutions in Switzerland. He draws from his practical experience in project execution and in the development of services in the communication sector. His goal is to simplify daily collaboration at the company and guide people in this change process. He feels it is important to actively involve the young generation.


[Figure: total (uplink + downlink) monthly traffic in petabytes per month, voice and data, Q1 07 to Q1 12]

[Figure: throughput in Mbps (axis from 0.1 to 1000) by year, 1992 to 2016, across GSM (2G), UMTS (3G) and LTE (4G): GSM 9.6 kbps, GPRS 48 kbps, EDGE 236 kbps, UMTS 384 kbps, HSDPA and HSPA+ at 1.8, 3.6, 7.2, 14.4, 28.8 and 42 Mbps, LTE 50–300 Mbps, LTE-Advanced 0.5–1 Gbps]

Looking back to the near past

The history of mobile telephony as we know it today began in the early 1990s with the advent of GSM networks and the associated replacement of car phone networks, which were analogue and insecure at the time. GSM – Groupe Spécial Mobile, later Global System for Mobile – was a joint initiative of several European telecommunication providers. Its goal was to establish a digital mobile phone system in which subscribers could make phone calls and be reachable in all national networks at any location under their phone number. That meant virtually Europe-wide back then.

For the first time, the cellular structure of the radio stations reliably ensured that a phone connection was maintained during a car or train ride and handed over from one cell to the next. Although the main focus was on voice communication, the system also offered a service for sending short text messages through the signalling and data channel. The initiators were convinced that there was no real market need for this Short Message Service (SMS). Boy, were they wrong!

LTE – a further step into the future of mobile communication

In the second half of the 1990s, the Internet and the World Wide Web based on it became accessible to a broad public. Surfing on the Internet and communicating by e-mail became a matter of course. Users wanted to be able to make mobile use of this data-based form of communication as well. Telephone companies quickly caught scent of business opportunities in this area.

So, a number of manufacturers and telecommunication firms decided to create the third generation of mobile communication¹. To this end, they founded the 3rd Generation Partnership Project (3GPP) under the auspices of the associated standardisation bodies. The core tasks of 3GPP are to define and propagate standards and processes for the transmission of IP-based data over mobile networks at ever faster transmission rates while making ever more efficient use of the available radio frequencies and antenna sites. The market players assume exponential growth in mobile data volume. This trend is fuelled by yet another one: smart phones are being joined by increasing numbers of tablets and notebooks with mobile network access but also networked embedded systems (particularly vehicles and navigation systems).

Striking advances have occurred in mobile telephony and data communication over the past two decades. Once awkward and hard to carry, mobile phones have since turned into genuine all-rounders, making available nearly the same communication capabilities as on a stationary workstation or at home. LTE and 4G are touted as the latest advances in mobile communications. This article explains the nature of these advances and the benefits they offer us.

Ralf Winzer | Customer Segment Manager

UMTS: the third generation

With the Universal Mobile Telecommunications System (UMTS)², 3GPP defined a family of protocols with parallel streams of data. This feature enabled the simultaneous use of multiple services (for example, phoning while downloading e-mails). Downlink data rates (from mobile network to end user) were between 2 Mbps and a theoretical 25 Mbps.

UMTS cleverly unites connection-based (voice) telephony with packet-based data transmission in the terminal device. The market is demanding even faster connections, however. UCC (unified communication and collaboration) is often needed in mobile use and the voice connections are shifting successively to the Internet track as part of all-IP convergence.

LTE: long-term evolution?

So, 3GPP set the goal of developing a fourth generation of mobile networks. It has the telling name "Long Term Evolution" (LTE).

The demands put on LTE include these, among others: considerably increased data throughput, optimum use of available frequencies and base stations, interoperability with the existing 3G networks, for terminal equipment and among the networks, plus easy migration from 3G to 4G for telecommunication companies. Ingenious technical actions were undertaken to meet these goals. Radio systems today are so precise in maintaining frequencies and time specifications that the frequency domain can be utilised almost fully within a defined bandwidth with OFDM (orthogonal frequency-division multiplexing). Carrier frequencies fall exactly on the spectrum gaps of the neighbouring frequency. The distribution of data streams over multiple antennas (MIMO – multiple-input and multiple-output) increases the data throughput while reducing vulnerability to faults.

Networks and terminals today ensure interoperability in that both the current smart phones and the base stations of the networks enable the simultaneous use of UMTS and LTE. Smart phones take advantage of this fact in that they currently continue to handle phone calls using UMTS whereas the data is transferred via LTE (circuit switched fall-back – CSFB).

Furthermore, the transmission protocols used take account of the increased real-time demands in connection with streaming data (video, voice).


The various levels of terminal equipment, base stations and nodes of the core network are mutually highly interoperable. LTE greatly simplifies the set-up of base stations as compared with UMTS and GSM. Regional protocol incompatibilities no longer exist as they did with 3G. All these factors are likely to result in a quick, worldwide migration from GSM/UMTS to LTE. Infrastructure for new sites is more economical to provide with LTE base stations than with 2G or 3G stations.

Development of transmission protocols and throughput rates

Source: Huawei

Voice and data traffic growth in mobile networks, 2007-2012

Source: Ericsson


Secure Voice System: perfect combination of security, convenience and performance

Closed LTE networks

LTE has very appealing features in terms of technical performance. Moreover, huge numbers of people worldwide have the latest smart phones and those numbers are steadily growing. All this is causing ever more military users and internationally active organisations to set up their own LTE networks in the operational area as part of operational missions and to equip the mission participants with suitable smart phones. This approach is quite an interesting solution for tactical communication involving limited confidentiality.

Security and encryption

Like GSM and UMTS before it, LTE also possesses mechanisms for authenticating terminals and encryption processes for communication content. Owing to the telecommunication secrecy mandated in the telecommunication law of many countries, network operators must ensure the confidentiality of connections while also providing for government ordered tapping operations (legal interception). If just a standard encryption is used, the encryption arrangements are negotiated between terminal and base station of the network operator (or of a potential attacker) while the connection is being established and are invisible to the end user. For confidential or secret communication content, autonomous high-security encryption therefore continues to be indispensable.

Crypto AG is closely following these technical developments and takes them fully into account by coming up with corresponding security solutions. With the HC-9100 hardware encryption unit in the form of a μSD card plus a specially hardened LTE-compliant smart phone, Crypto AG offers an appealing communication solution: the discreet look of a commercial smart phone combined with security mechanisms for the toughest secrecy requirements. The HC-9100 is an integral part of a comprehensive system that can also contain secure desktop phones and connections to other networks.

Trends for the future

One general observation is that end users increasingly resort to IP-based systems and networks (all-IP convergence) to connect to the communication networks for all types of communication (voice, video, data). Moreover, the trend appears to be away from this connection being wire-based. Radio waves are preferred. This holds true for the stationary sector, where wireless LAN is successively replacing Ethernet cable, and for mobile use, where people employ mobile networks to connect to the public Internet and to their own ICT infrastructure. In both cases, connections via radio waves now closely resemble stationary connections in terms of convenience and data throughput. The radio-related connection to a base station also renders expensive physical cabling to every individual terminal device superfluous, thereby providing quite a substantial economic incentive.

Nonetheless, LTE does not fully meet all specifications that its initiators had hoped it would.³ That is why LTE is frequently referred to as 3.9G instead of 4G. But LTE-Advanced is already in the starting blocks. And 3GPP promises us that this time it really will be 4G.

¹ Analogue mobile networks were henceforth referred to as first generation (1G) and GSM as second generation (2G).
² Slightly different telephony standards apply to America and Asia, so an organisation called 3GPP2 developed locally adapted processes in these continents (CDMA2000).
³ The deviations pertain in particular to data throughput and the spectral bandwidth.

Hardware Encryption Unit HC-9100 with hardened LTE smart phone

A world without mobile telephony is no longer conceivable. This form of voice communication is indispensable today, especially for the efficient functioning of an organisation. The advantages are obvious: (business) matters can be discussed regardless of time and location, thereby improving people's ability to act and increasing efficiency. That means members of the government, representatives of the diplomatic corps and high-ranking civil servants from a government ministry can be in contact by phone with each other or with staff at headquarters even while travelling domestically or abroad.

Decision-makers conduct calls on classified subject matter that are encrypted end-to-end to ensure appropriate protection for sensitive information. This approach is understandable and adequate given the number and scope of increased eavesdropping operations. They can rely on the same liberties and convenience to which they are accustomed from unencrypted telephony. Moreover, decision-makers remain capable of taking action at any time – even in crisis situations.

A communication system is basically considered most secure if it meets the toughest security requirements while likewise being accepted among users and thus used voluntarily and as a matter of course by them. The Secure Voice System from Crypto AG complies with these different conditions. Another of its characteristics is that it integrates any number of network participants in the system so they can communicate ultra-securely: from decision-makers constantly on the move to myriad stationary employees of a given organisation.

Tanja Dahinden | PR & Corporate Communications Manager

Various possibilities, one goal: ultra-secure phoning

The Secure Voice System from Crypto AG offers network users a convenient and versatile way of conducting ultra-secure phone calls. The system allows end-to-end encryption for phoning and chatting. Communication is routed in one of two ways. Either it is conducted between two secure mobile phones (fitted with the world's smallest encryption platform Crypto Mobile HC-9100 and the security application Voice Encryption Mobile HA-2410) or between a secure mobile phone and a conventional landline phone. In the latter case, the desktop encryption platform Crypto Desktop HC-9300 must be connected between the two. It can stand on the user's desk at headquarters and enables file and fax encryption along with the encryption of voice communication. Incidentally, a secure mobile phone also lets users conduct ultra-secure phone calls and chats via WLAN. The roaming fees usually charged abroad are eliminated.

One big advantage of the Secure Voice System from Crypto AG is that it is scalable in scope (number of locations) and capacity (number of subscribers per location). It can be tailored flexibly to the individual needs of a larger organisation. Consequently, a large number of secure mobile phones and large "red enclaves" can be integrated in the system, as well. That means highly secure connectivity for mobile and stationary subscribers alike. Redundancy and availability are also assured at all times with the system components used.

For instance, administrative operations as a whole can be linked to the voice system as a red enclave with minimal technical effort and financial expense. This approach makes it possible, for example, to integrate multiple government ministries in the network and to set up a top-security layer for their communication. The Red Enclave Voice Gateway HA-2300 is connected to an SIP-capable switchboard. Thus, select local employees of government ministries can establish an encrypted connection even without a secure mobile or landline phone, using the conventional phone at their workplace and thereby the existing communication infrastructure.

[Figure: network diagram of the Secure Voice System. Zones: Headquarters; Branch Office (national / worldwide); Mobile Users (national / worldwide); Public Zone (3G/4G Mobile Data, Internet). Labelled components: Mobile Phone HC-9100 / HA-2400 (500 Mobile Phones), 1500 Telephones, PBX, 3 x Red Enclave Voice Gateway HA-2300, Call Manager HA-2100, Management Gateway, Crypto Management Suite CMS-1200, VoIP Telephone, Desktop Encryption HA-2500. Legend: Secure Connection, Plain Connection.]

The Secure Voice System can be scaled as desired. In this case, there are 500 mobile and 1,500 stationary participants integrated in the secure network. This arrangement enables end-to-end encrypted communication between mobile and stationary participants as well as encrypted communication between mobile participants and participants in a SIP-capable switchboard. The Crypto Call Manager HA-2100 establishes the voice connections and switches the calls, while the comprehensive Crypto Management Suite CMS-1200 handles central system management.

It would also be conceivable to set up a Secure Voice System in connection with large events, for example, such as international conferences attended by opinion leaders and decision-makers from politics, business and society. The smooth staging of such events requires ultra-secure communication among a large number of project staff, so the security of participants and guests can be assured at all times.

Access means power

The entire network is operated autonomously by the local system managers. It is managed centrally and online using the comprehensive Crypto Management Suite CMS-1200. The ultra-secure and reliable management and configuration of the encryption units integrated in the system are thus assured at all times. It is easy to distribute keys and to configure and update the encryption units.

Decision-makers can perform their duties and exercise their powers anywhere and at any time.

With the Crypto Management Suite CMS-1200, the topology can be defined and the network configured. For instance, one determines in authorisation management that a network participant high up in the hierarchy – say, the head of government or the government minister of a country – can reach all other participants. However, only select, duly authorised participants are allowed to communicate in encrypted form with him. A dynamic address book is used as the basis for defining communication groups, which usually change daily.

Spectacularly unspectacular phoning

As mentioned at the start, it is imperative for the security of a communication system that the system also be accepted by the users, who are frequently decision-makers. The Crypto Secure Voice System is compelling as a convenient, user-friendly voice communication solution. Connections are established at a speed comparable to unencrypted communication. Security and network parameters are configured and managed centrally and independent of user location. As a result, users can conduct highly-secure encrypted communication without having to concern themselves with the encryption processes running in the background. That means users can perform their duties and exercise their powers anywhere and any time.

In addition, the system delivers excellent voice quality. Last but not least, it meets the demand for a secure mobile phone with a discreet design. The terminal is a well-known commercial model – but the operating system is ruggedised for good reason. This feature prevents any risky outside software such as spyware or malware from being installed.


Crypto AG
P.O. Box 460
6301 Zug
Switzerland
T +41 41 749 77 22
F +41 41 741 22 [email protected]

Fairs

EmSEC
In Dubai from 27 to 28 October 2015

DSA
In Kuala Lumpur from 18 to 21 April 2016

Seminars

Information Security Specialists
28 September to 2 October 2015

Technical Vulnerability Testing
5 to 9 October 2015

Contemporary Cryptography
12 to 16 October 2015

The seminars are all held at Crypto AG premises in Steinhausen, Switzerland.

Contact and further information: www.crypto.ch/en/products-and-services#seminars

Restricted © Crypto AG. All rights reserved. 671070 / EN / 1508

Kuala Lumpur

Zug

Abu Dhabi

Muscat

Rio de Janeiro