Wildix Blog

3 March 20227 March 2022

Women in Tech: Claire Baker, Chalvington Group

We’re talking today with Claire Baker, managing director of the Chalvington Group. The company had its origins in the company her father, Melvyn Baker, set up in the ‘80s, and he’d go on to create a telecommunications arm called Chalvington Communications to better serve a wider range of customers with the emerging technology of the early 2000s. Claire joined her father after she completed her BA in Business Studies at the University of North London, and after the various companies merged in 2012, she became the managing director. The company currently has 1,500 clients in the UK, generating £3.8 million in turnover as of 2020 and is a key partner with Wildix in the UK.

You’ve been immersed in the world of communications tech for well over 20 years. What are the key changes you’ve seen since the 2000s?

Claire: The most notable changes are in connectivity and cloud-based solutions. ISDN2/analogue technologies became extremely stale, and the industry was in need of some va-va voom. I feel the investment that has been made in connectivity infrastructure has given telecoms a new lease of life. Don’t get me wrong — VoIP has obviously been available for years but only in areas where you can ensure decent connectivity, which were, until quite recently, few and far between

The explosive growth of the internet created new opportunities, but they also involved new risks, particularly as companies struggled to predict which emerging technologies would thrive and which would fall by the wayside. How did you mitigate those risks, and what long-term strategies do you use to ensure your services are likely to remain relevant?

I’m lucky to have a really good team of IT and telecoms engineers around me who live and breathe new tech. Like any other business, we made some poor choices early on and learnt from those mistakes. Our process is to select a number of manufacturers, put the equipment or software through its paces, create a top three based on what we know would be important to our customers and then these are presented to the relevant managers and directors to make the ultimate decision. This formula has been tried and tested over the years.

There’s been a big push within tech, in general, to include more women in more senior positions. What challenges does the industry have regarding that, and how could they be solved?

Men sometimes believe women aren’t technical. Naturally, there are technical situations that I wouldn’t be familiar with at a grassroots level, but that’s why I have a trusted team around me, some of whom have worked with my father for the best part of 20 years. However, I have always been a firm believer that you don’t necessarily need to know how to do the job to be a good leader — but you need to be able to get work done through others.

Everyone comes into a new business with expectations, and some turn out to be accurate and some less so. What expectations did you have when you became a managing director, and how accurate were those expectations?

What I can say is to be successful, a managing director should be able to manage and advance a business’s strategic objectives and be the face of the business. However, within a small to medium-sized enterprise this, in real life, is far from what takes up most of my time. I find I wear multiple hats, which isn’t necessarily what someone would maybe expect from an MD.

My main focus is on the oversight of the company’s high-level operational and customer-facing problems. We only thrive if we’re competent and able to keep our customers through the service we provide. Processing efficiency and reviewing our operating systems is another, together with the training and development of my senior management team to deliver the company’s values.

28 February 202222 March 2024

How the Great POTS, ISDN and PSTN Switch-Off Will Affect Your PBX

A grave with copper in it representing the PSTN switch-off

Copper cable is out, which has major ramifications for many businesses that rely on analog or digital PBX phone systems. Unfortunately, small businesses often aren’t aware that their current PBX infrastructure is fundamentally incompatible with the upgrade to fiber caused by the great POTS and PSTN switch-off.

The POTS and PSTN Switch-Off Problem

Major telephone infrastructure providers such as Openreach in the UK, Verizon in the United States and TIM in Italy already use optical fiber technologies rather than analog copper cable as a core part of their networks. However, a lot of the old-style copper cable remains in the last mile. This creates a major bottleneck when it comes to providing ultra-fast services to the consumer: Copper cable is slow and obsolete — hence the POTS and PSTN switch-off.

However, copper cables are powered, and fiber-optic cables are not. This is partly where the problem lies with old-school PBX telephone systems.

PBX: An Infrastructure Problem

A PBX is a private branch exchange. This essentially allows users to share a number of external phone lines through the use of extensions. The PBX routes an incoming number to a main switchboard, where it can be answered, or if an extension number is inputted, it can route it to the right person directly.

On-premises PBX phone systems are usually built into the fabric of a building, with many buildings of the ‘80s, ‘90s and early 2000s having extensive cabling run throughout the walls to facilitate this. These systems were a useful solution for the time, and they went from requiring a manual operator to having automated systems.

But there are several major issues with these systems: They work with copper cabling, and they have a limited feature set. Sure, you can forward calls, queue and put people on hold. But it’s not easy to integrate other systems into the PBX, such as instant messaging or video calling. Even worse, simply moving to a digital ISDN telephone system won’t work; that’s being discontinued too.

Moving to IP: PBX Upgrades

It may be possible to get your current analog PBX to accept an IP input, and there’s a wide range of options to do so. However, as many technology enthusiasts know, as products reach end of life, the equipment to maintain them becomes much more expensive, and replacements are equally as pricey.

Those who remember the analog TV switch-offs of the 2000s and early 2010s may remember that they could get adaptors for their old analog TVs, but these are now notoriously unreliable. Worse, those TVs are unable to accept the full feature set available. The accepted solution now is to go digital.

The same applies to analog PBX telephone systems. Cable upgrades, repairs and overall maintenance costs will only get higher compared to a digital system. Even worse, a physical system means it’s harder to route a call to someone who’s not at their desk without another layer of switching.

Who Should Consider a PBX Signal Converter?

Businesses that have lots of phones and no real need for enhanced connectivity may wish to consider a converter. This might include:

Hotels with in-room phones
B&Bs
Motels
Businesses with only one phone attached to their PBX

The last use case typically refers to businesses where a PBX system was installed many years ago but they now primarily use mobile devices to conduct business. However, even then, they may wish to consider an upgrade, thinking about how a unified approach to communication may benefit their business. And the hospitality industry can definitely benefit from the wider range of services offered by a cloud-based PBX and its associated unified systems.

On-Premises PBX vs. Cloud PBX

The two main challengers to analog PBX telephone systems are on-premises IP PBX systems and cloud-based PBX telephone systems. These use the same essential internet technology but in different ways:

On-premises PBX: Major capital expenditure but that’s offset partly by lower operating costs. It typically requires a dedicated team of IT support staff to maintain.
Cloud-based PBX: Third-party solution, often with limited capital expenditure and slightly higher operating costs. Maintenance is done by the third party, and unified systems can easily be included along with potentially unlimited scalability.

Larger businesses that already have dedicated PBX systems often prefer the on-premises solution, although it can be difficult to quickly expand if they’re moving to new offices. Setup can be tricky as well. For agile large businesses that need flexibility, a cloud-based solution often works better than an in-house system, especially as their workforce becomes more distributed due to remote working.

Smaller businesses usually find that cloud-based PBX solutions are more in line with their budgets and their existing IT commitment, letting them leave most of the work to the third party.

When Are Copper Networks Shutting Down?

As with any technology rollout, there’s a range of dates across different countries. Plans also vary depending on how the incumbent or dominant telephone provider plans to switch over to fiber, and there are substantial commercial and logistical hurdles to doing so.

- United States: On-going, with different companies operating at vastly different speeds
- United Kingdom: Full PSTN switch-off by December 2025
- Italy: 65% shutoff by 2023 but doubts remain about full copper switch-off
- France: Switch-off by 2030 with local switch-offs occurring from 2021.
- Spain: Full copper switch-off by 2025

Ultimately, as copper networks continue to be switched off across the globe, company PBX systems will need to be upgraded. And cloud solutions such as Wildix can be rapidly deployed across thousands of systems in a few easy steps.

24 February 20227 March 2022

What the Russian Invasion of Ukraine Means for Companies With Russian Exposure

As Russian tanks move onto Ukrainian soil, we have to ask what the impact will be on operations for companies within Russia and beyond. Companies like Microsoft, Google and RingCentral all have extensive operations within the country, and it’s clear that they’re going to have to rethink their strategy significantly, causing severe disruption.

Possible Actions Against Russia

Much of their strategy depends on what actions Western powers take against Russia. Ukraine’s foreign minister Dmytro Kuleba has called on the West to do the following:

- Devastating sanctions on Russia, including through SWIFT
- Fully isolate Russia by all means
- Detach Russia from the internet
- Weapons, equipment for Ukraine
- Financial assistance
- Humanitarian assistance

SWIFT

The most discussed of these is SWIFT, which stands for the Society for Worldwide Interbank Financial Telecommunication. It’s based in Belgium, but it helps coordinate international inter-bank transfers. Cutting Russia off from SWIFT would prevent companies and nations from being able to transfer money in or out of the country in a safe and convenient way.

While many companies keep some financial reserves within the country, these tend not to be high. As a result, paying staff within these countries is likely to prove difficult. This also includes paying for meal allowances, taxes and other benefits, as well as rentals, vehicles and similar costs of doing business.

While SWIFT isn’t the only tool in use to coordinate transfers, it’s the biggest, and its loss would be painful. Had it been done in 2014 in response to the invasion of Crimea, the Russian economy would likely have shrunk by around 5%, according to the then Russian finance minister, Alexei Kudrin.

Now, its effect would likely be a little less severe, but the impact would definitely be felt.

Complete Isolation

The current package of proposed sanctions is unknown, but the UK and the United States have both announced further measures, and a UN meeting has been triggered. Spain, France, Italy and Japan have also condemned Russia’s military actions. It’s likely that any package will target:

- High net worth individuals in Russia
- Major banks
- Trade of technological products
- Trade of oil
- Russian-based broadcasters

However, it’s unclear exactly how this phrasing will be worded and what precise products will be targeted. It’s certainly possible that businesses with significant development assets in Russia may be heavily affected, as they rely on a free flow of information, tech and money.

This, of course, is reflected by their share prices. RingCentral’s (RNG) has already slid around 25% over the past five days, and it’s unlikely to improve with this news. Zoom (ZM) has also slid — although that’s more due to disappointing Q4 results — and even Microsoft (MSFT) is reeling.

Businesses with interests in metal exploitation in Russia have been hit the hardest, though, with Polymetal International (POLY) losing a third of its value (it operates gold and silver mines in Russia and Kazakhstan) and EVRAZ (EVR) losing nearly a quarter (it has steel, mining and vanadium operations in Russia). That’s not to say that tech companies in Russia won’t be hit, but it looks like the market is waiting to see what announcements will come out of various government bodies.

Should Russia become completely isolated, it’ll have severe repercussions across the world. Businesses will find it hard to operate in Russia as they could face sanctions themselves, and it could spell the end of the Russian development industry. It’ll be hard for companies to move Russian developers to more stable countries, as well, as it’ll be hard to get visas.

In addition, the price of oil will likely spike, as Russia is responsible for 10% of the world’s supply, and Germany is particularly reliant on Russian gas.

Weapons, Finance and Humanitarian Support

While Russia’s military is significant, it’s clear that the Ukrainian military is strong, and it’ll be fighting on home territory. Packages that include direct or overt military support, however, are unlikely, as many countries are reluctant to directly engage in conflict.

However, finance and humanitarian packages are likely, as they tend to be less politically contentious. These usually support organizations within Ukraine and the Ukrainian government that deliver necessary services, skills and food.

The Aftermath

What will happen in the long term is anyone’s guess at the moment. Russia is holding its cards very close to its chest, although the numerous explosions throughout Ukraine suggest it’s thinking about taking a significant area of the country. However, it’s clear that the more Russia does, the more severe the consequences will be. And businesses that maintain their connections to the country will find it harder and harder to justify their stance, particularly as sanctions and other international efforts disrupt their regular operations.

16 February 202230 August 2022

Women in Tech: Cyna Milinazzo, President and CEO of Liberty Communications

Cyna Milinazzo is the owner of Liberty Communications – a telecom provider in Colorado and proud Wildix partner.

I had the privilege to sit down with her to discuss her background in telecom services, her experience as a woman in the industry, and why she chose to partner with Wildix:

Cyna Milinazzo in Her Own Words

My introduction to the telecom industry came in 1985 when I began my career working for my brother’s telecom business. After a few years of managing his office, I expanded my knowledge in the industry by moving on to work for a business that specialized in underground cabling. Unbeknownst to me at the time, the experience I gained from this transition set the stage for pivotal business decisions I would make in the future.

Eventually, I found my way back to working with my family as I partnered with my three brothers to run our own telecom company, which also came with all of the inherent ups and downs of running a family business. Even though I had the least ownership of this company out of all of us, I always treated it as my very own knowing that someday I would love to break out on my own in the telecom industry.

In 2006 when I asked my husband to quit his electrician job and join me in starting a new company, I was thrilled when he actually took me up on my idea!

We created Liberty Electric, specializing in low voltage structured cabling as a subcontractor for many small telecom companies in the Denver Metro area.

Starting a new business wasn’t easy – there is always tremendous risk with a startup, and Liberty Electric wasn’t even profitable for the first year.

It was a scary time financially as I continued working with my brothers while my independent cabling company grew.

I finally decided to take the leap in 2011 and left the family business to devote all my time to my own company.

In order to incorporate my expertise and provide our customers with comprehensive solutions, I expanded Liberty Electric by bringing in telecom services and updating the company name to Liberty Communications. My business has been flourishing ever since, and I’ve never looked back!

A year and a half ago when Wildix approached me, at first I didn’t see a need to add Wildix to our array of products. It has always been a challenge to gain more market share without losing the “boutique” approach we offer our customers, and I’ve always been committed to remaining focused on this integral aspect of our business model.

I had begun to notice a shift in the market at that time, though, and I was just starting to realize that I needed to be thinking about ways to differentiate Liberty Communications from others in our field.

Although we have been courted by many different vendors over the years, we’ve always been very selective about who we decide to take on.

After learning more about Wildix we were confident that you’re one of the good ones – I am so happy that Liberty Communications made the decision to add you as a vendor.

I envision Wildix as our vehicle for achieving a leading role in the Colorado market without losing what makes us special.

Being a woman in a traditionally male-dominated workforce has its challenges – finding the right network to move beyond plateaus can be tough.

Twenty-some years ago it was quite a challenge for a woman to gain respect in male-dominated industries such as IT or construction; today, challenges still exist but are often more subtle.

When starting out in the telecom industry, I let myself be somewhat shielded behind my brothers as I navigated the system and learned invaluable lessons. I’ve been ignored by owners and contractors, excluded from construction meetings, and dismissed when trying to set sales calls.

After years of persistence, I’ve gained much more knowledge and distinction in the industry, and am now well known for my expertise and enthusiasm.

I’ve now been in the industry for so long, other telecom companies contact us for help when they need a hand – everyone in the area knows that Liberty Communications is there to help, without a second thought, and that we deliver quality products and reliable services.

I could have let challenging situations scare me off, but I embrace the fact that some say I’m sort of a “bull-dog” in male-dominated industries.

I even now also own a roofing company serving clients in the Denver Metro area as well. And I’m proud to have developed Liberty Communications as a company of go-getting, powerful women who support and inspire each other to be the best they can be every day.

On top of owning small businesses, I’m a wife, a mom, and a caregiver for my own mother. Finding my work-life balance can be difficult, as it is for many women, but at the end of the day I love to work, and this business is my passion.

I’m living the life I want and am lucky enough to not only have a supportive family circle behind me but to also be surrounded by hard-working, inspiring men and women every day at Liberty Communications.

Update

Since the original publication of this article, Cyna was chosen as one of the 2021 CRN Women of the Channel. With unprecedented circumstances causing massive overhauls in the industry, CRN focused on honoring women who lead their companies through times that were anything but normal.

“During the pandemic, Milinazzo’s role was not only to maintain growth goals but provide greater value and application of the company’s technologies. She sustained business in the channel and grew it 20% over the previous year.”

1 February 20225 February 2024

Are Your Desk Phones Listening In On You?

Yealink vulnerabilities show how that in UCC, security matters

For better or for worse, data collection is something many of us have become accustomed to. From cookies on webpages to search terms being tracked, our activity over the internet is normally monitored to some degree, even to the point of general acceptance.

That said, as much as we’re used to that level of web tracking, we would be shocked to learn of similar tracking happening over business telephone systems. After all, it’s highly unusual for office phones to be actively gathering data on us, in particular because for most businesses, voice calls are where highly confidential knowledge is exchanged.

So, what happens if it becomes clear your phone system has the capability of actively listening in on you?

Worse, what if you can’t even know for sure who’s on the other end of the line?

Security Concerns from Yealink

These questions are especially relevant for business owners now in the wake of a troubling report regarding phones by the Chinese-based vendor Yealink, especially their T54W devices, which raised concerns about the privacy and security of the company’s hardware.

On September 28 of last year, US Senator Chris Van Hollen (D-Md) filed a letter to the US Department of Commerce referring to a report conducted by the consulting firm Chain Security. In that referenced report, Chain Security noted numerous security flaws in Yealink devices, along with numerous functionalities that appear to intentionally gather customer data.

More worrying still, Chain Security’s report concluded it is “highly likely” that Yealink is sharing customer information directly with the Chinese government, especially through its hardware.

This data gathering appears to occur primarily through how Yealink phones interface with company networks and PCs. Namely, Yealink devices make use of a device management platform (DMP) to connect to programs running on the PC. In most circumstances, this would be perfectly normal for the vast majority of VoIP hardware that connects to a PC-based system.

What’s far less normal, and even outright alarming, is the fact that the Yealink DMP is then capable of recording voice calls and even tracking web history on that connected PC — both without the end-user’s knowledge.

Potential Tracking Components

According to the Chain Security report, the Yealink DMP “collects and retains the WAN IP” of the end-user’s device, and can log any web traffic from devices connected to it. This is in addition to how the DMP collects call records conducted either on the phone or any devices connected to it.

All this is worth noting in particular because the Yealink DMP can be operated by a remote Yealink employee, who can use the platform to access any collected data, be that IP addresses, web traffic or entire call recordings.

More concerning still, using the Yealink DMP, remote Yealink employees can at will enable recording on an active call and retain the recording afterwards

This access doesn’t appear to be used by Yealink on an occasional basis, either. Chain Security also notes that during “normal operations” Yealink phones communicate with Chinese-controlled AliCloud servers, suggesting potential control and interception of the exact kind described above.

Metaphorically speaking, none of this may be an actual fire, but the monitoring activity combined with the server contact certainly make for a lot of smoke. (Things get even more suspicious as we consider Yealink’s direct and long-established ties to the Chinese government and their continued data sharing with them, Chain Security likewise reports.)

Broader Security Concerns

Beyond these problems, Yealink devices in question appear to have just plain obvious security flaws — ones which may compromise an entire company server.

Chain Security points out that Yealink phones are “pre-configured to accept credentials for connection and access to the device from 187 ‘trusted’ digital certificate authorities.” In other words, entirely unknown to the end-user, Yealink devices may be accessed by an incredible amount of additional entities, meaning if any such users are compromised they’ll have easy access to Yealink end-users’ networks.

But hackers may not even need to be a “trusted” authority anyway. Unknown entry to the device is further blown open by its inability to protect against brute force login attempts, meaning hackers are fully capable of accessing it simply by guessing username/password combinations.

As if these factors weren’t bad enough, the Yealink devices lack industry-standard digital signatures to authenticate valid changes to firmware. As a result, if external actors gain access to the phones, they can instantly overwrite current software on them so long as the new firmware is compatible with the hardware.

This easily means a hacker can install firmware that surveys not just what’s recorded on the Yealink phone (using the aforementioned data collection it performs), but even activity across the entire company network.

The Bottom Line on Yealink Devices

What this leaves us with is a phone that can record calls, IP address and web activity — all at any time and without the end-user’s knowledge — and communicate that data elsewhere.

While it’s easy or even proactive to assume the data will end up at Yealink or even the Chinese government, it’s just as possible that entirely unknown agents can exploit the vulnerabilities in these phones for their own ends. Either way, the result is far less than desirable for any business.

By all accounts, even in an age where data collection is to be expected, the security architecture in Yealink phones allows for far more surveillance than any business should feel comfortable with.

Bigger Takeaways

While this should certainly serve as a warning for anyone interested in Yealink phones in particular, we can also draw larger security takeaways here.

It should be first noted that using this example to cast doubt on all Chinese-produced hardware would be ridiculous; after all, an enormous number of devices are produced in China and have nowhere near these issues.

The actual bigger questions are those over security and trust in general. As this example shows, communications hardware has incredible potential to intrude upon your privacy, even to the point of acting as a covert surveillance device right on your desk.

To keep yourself secure, it’s vital that you be able to trust the manufacturer of VoIP devices. The vendor needs to be able to demonstrate not just effective security measures, but a willingness to give up their own control of devices outside applying necessary software updates.

When considering a new vendor, then, there are plenty of important questions to ask: for example, how much is your vendor telling you about the security parameters in their hardware? What role does the vendor play in managing the device after it’s sold? What ties does your vendor have to other entities that might want your business’s information?

Above all, if a vendor is holding onto things like permanent DMP access, it should instantly raise a red flag. Capabilities for remote control in this manner are all but certainly going to be either poor security design at best, or active attempts at datamining at worst.

To keep your business fully secure, it’s crucial to weigh these factors such as much as any other security points. If you can’t trust your vendor to protect your own privacy, after all, what good are they as a technology partner? And if they’re clearly sharing data with a government involved in information warfare, the situation only becomes more problematic.

When you weigh your options for hardware, then, don’t just consider security in broad terms. Just as vital is to consider how much trust you can put in the vendor to keep you safe — or, more important still, whether the vendor itself is a potential security threat.

To see how Wildix designs security in our UCC systems, check out our free white paper.

For more updates on security in the UCC industry, subscribe to receive our magazine for free!