When it comes to security, voice over Internet Protocol (VoIP) solutions generally have a solid reputation. The industry has made a concerted effort to make its encryption, security, and privacy protocols as robust as possible as VoIP continues to grow in popularity, replacing the analog phone systems of yesteryear.
However, the weakest link in your security is often the human element. It’s vital that you provide your staff with regular training so they know the current best practices, do’s and don’ts, and what to look out for as potential risks. But people do make mistakes. What’s more, we like things to be easy, quick, and seamless. That’s why we too often see people cutting corners—for example, by sharing passwords. For businesses and solutions providers, the key is to bolster security while ensuring you’re not adding unnecessary inconvenience to teams.
This is why identity access management (IAM) is such a vital component of your security make-up. IAM helps you securely identify and control who has access to what resources and functions. It also helps remove the manual, error-prone processes of assigning and managing privileges.
At the front end, IAM also needs to be user-friendly. That’s why secure processes such as single sign-on (SSO) and one-click integrations with existing, secure profiles like Google Sign-In have become so important. These technologies provide user authentication, allowing a single user ID to access several related or independent systems securely.
Aircall’s New Security Features
At Aircall, we’re committed to security, alongside providing an ultra-smooth user experience. With that in mind, we’re pleased to announce that Aircall now offers two SSO capabilities, Google Sign-In and SAML-enabled authentication. With these features, employees already using identity providers or Google accounts at work can seamlessly and securely access their organization’s Aircall platform. Let’s take a look at how that works.
What is Google Sign-In?
Aircall users now have the ability to enable signing into Aircall via Google business accounts. When enabled, Google Sign-In applies across all Aircall products, including phone applications, dashboards, and browser extensions. Using Google Sign-In allows for a more streamlined experience for users.
Instead of requiring individual credentials for both Aircall and Google, users are now able to use one set of login details for both.
Additionally, by delegating your credentials management to Google, admins have full control over the password requirements they want to enforce. For example, Google lets you define a minimum password length for users, as well as when passwords expire, and enable 2-Factor Authentication (2FA). That means you can align standards across Aircall and Google and drive security compliance across your organization.
Take a look at our full walk-through on Aircall’s Google Sign-In feature for more information and guidance.
What Is Single Sign-On & How Does It Work?
Aircall’s SSO allows you to authenticate user access through your existing ID providers, including Okta, Auth0, Jumpcloud, Ping One, and Azure AD. Just as with Google Sign-In, SSO applies across all Aircall products, providing a more streamlined experience for users. This has the added benefit of reducing the risk of security issues arising from having multiple credentials spread across different apps and software.
To enable this feature, an admin of your Aircall account will first need to reach out to their Account Manager at Aircall.
Learn more about how to enable and configure SSO using an existing ID provider with Aircall in our full guide.
How Aircall Prioritizes Security
At Aircall, we take security seriously—so what do our own practices look like?
We follow a formal process to grant or revoke access to our resources. That system access is based on the concepts of “least-possible-privilege” and a “need-to-know” basis to ensure that authorized access is consistent with the defined responsibilities of each user. All employees are required to use a unique ID to access company systems. The use of SSOs helps with managing these IDs through Aricall’s IAM features.
Aircall also enforces an industry-standard corporate password policy. This policy requires passwords to change every 90 days. It also stipulates a minimum password length of 10 characters, along with complexity requirements, including special characters, upper and lowercase characters, and numbers. Alongside these requirements, we enforce multi-factor authentication (e.g., physical security keys) and single sign-on solutions.
Security isn’t a one-and-done element of business, though. Our authorizations are periodically reviewed (at least every quarter) to ensure consistency with the employee job role and we’re always exploring ways to strengthen security further—for our own employees and our customers.
Security and customer data protection has always been a key priority for us and our team likewise ensures we comply with all obligations set out by regulations such as GDPR and other frameworks. As we’re hosted on Amazon Web Services (AWS), we follow industry-leading security practices, keeping your data protected at all times with TLS 1.2 and AES 256 encryption methods to secure your data both in transit and at rest.
If you want to learn more about what we do and how you can follow best practices, take a look at our guide for managing VoIP security risks.
Feel the Benefits of Streamlined Access
Adopting SSO technologies enhances your business’s overall security posture while providing a seamless and secure access experience for your employees. Setting up SSO logins with Aircall couldn’t be simpler—so get started today.
Want to discover other ways you can boost security? Take a look at our deep dive into the ways in which Aircall ensures your teams are safe and secure.
Published on November 28, 2023.