Security Q&A With iovox CTO Mark Carbonaro
privacy, security, spam blocking,
In a society that increasingly relies on technology, it’s nearly impossible to avoid the topic of digital identities and how the companies we rely on everyday protect our interests as consumers. While cyberattacks are nothing new, if recent global attacks tell us anything, it’s that we can never be too careful about digital security. It’s important, at a minimum, to educate ourselves on the dangers that exist and how we can protect ourselves from cyber-attacks. In a recent interview, we sat down with our Chief Technology Officer, Mark Carbonaro to talk about all things telecommunication security.
Q: What exactly is data – where does it come from & where does it go?
A: Data in general terms, is the content of anything you create and store in a digital format, this can include emails, instant messages, documents, and spreadsheets. There is another form of data, metadata, which is information about the data you have created. Metadata can contain information about a document, who you sent an email to, the phone number of the person who just phoned you, and so on.
Every action we take online creates both data and metadata, from the phone call you place to each email you send, even every Facebook post. This data is transmitted and stored to the host of the service, which could be Google if you use Gmail or with Facebook for all your posts, photos, and videos shared on that platform.
These services will also store additional metadata about you. For example, Facebook will store the location of where you made a post.
Q: What should people care about when seeking to secure their data?
In many cases the company will use your data to sell you services that might be of interest to you by displaying advertisements on the things you like or discuss online. In some cases, the company will sell your data to third parties who can use it themselves or sell it to others.
Every piece of information paints a clearer picture of who you are, what you like, where you live, and who you know. So why should you care? Simply put, this information makes you can easy target for identity theft.
Of course, Facebook isn’t going to do that, but it only takes one hacker to steal your data and sell it online. Even the largest companies fall victims to hacks and data theft all the time, so it’s important to be careful about what information you share, who you share it with, and the intentions of those you share it with.
Q: How does iovox store data?
A: We have made significant investments to host data on our own equipment in multiple data centers around the world to comply with the strictest international data regulations.
Q: What is the benefit of hosting data on your own equipment?
A: By storing your data on our own equipment, we limit the ability for a third party to be able to access your data without your consent.
Many services store their data on public cloud services such as Amazon AWS, and while this may be cost effective and scalable, it also opens your data to be accessed by the cloud service provider. Be it a sticky-fingered employee, at the request of a government agency, or a hacker who gains access to the cloud provider’s backend systems. If you’re storing your own data the risk for hacking significantly decreases.
Q: What sets businesses up to have data stolen?
A: Every company is a target for data theft, if you have data worth stealing someone will attempt to steal it. It’s not good enough to simply assume you are not a target, you need to ensure that you always have proper protections in place to protect your data and to assume you will be under constant attack.
Q: How does iovox keep data safe?
A: iovox uses multiple layers of security between customer data and the Internet, but we also use multiple layers of security to limit the risk to customer data between our servers. Even our employees are unable to access customer data directly, all actions are logged and audited.
All data stored at iovox is stored on our own equipment, we don’t use cloud services or any third parties, we own all the physical equipment and have it stored in dedicated racks within highly secure data centers around the world, which require biometric, along with physical identification.
Data is never sent unencrypted across public networks. All data is backed up and stored off-site to protect against data corruption and this allows us to recover from major disasters should they ever occur.
Q: What is the biggest misconception surrounding security?
A: That is doesn’t apply to me, security is important to all facets of our lives both online and offline. It should never be optional. Sure, a simple WiFi password might make it easy for you, but it also makes it easy for everyone else, even those you want to keep out. Would you leave your car unlocked with the keys in it?
Q: How do spam callers reach people and how can folks prevent this from happening to themselves, clients and customers?
A: Spam callers use two main methods when deciding who to call, collected information and a robo-dialer which calls a range of telephone numbers one after the other.
Technologies like iovox vastly aid in the prevention of unwanted calls. For example, when you use our numbers we detect what’s a spam number and what’s not – blocking any future calls from spammers.
Q: How do spammers collect the information needed to call you?
A: Ever enter a competition that requires a phone number, or shared your number with a website? Every time you share your data, some of it generally ends up getting stored, reused and/or sold to a third party.
This brings us back to why data security is important, a phone number could be considered metadata and data in its own right. If you share information and don’t understand what the receiving party will do with it, you could end up on a spam list and no one needs to get interrupted while having dinner to be sold solar panels.
Q: What steps can people take today to set themselves up for data safety now and in the future?
A: Carefully consider what data you are sharing about yourself and others, always assume if you share your data with an online or offline service it will get sold to others for either advertising, telemarketing or even stolen unless the provider explicitly states otherwise and is a reputable organization.
Q: What is iovox’s policy on reselling customer data?
A: I’ve been at iovox a long time and it has been ingrained in our entire workforce that customer data is sacrosanct, meaning we never have – and never will – sell customer data to a third party.
At iovox, we put security first. We hope this illuminates the world of data security and we look forward to sharing more insights and innovations in the coming months.
From outside the US please reach us at one of these numbers: