The biggest challenge to unified communications security starts and ends with one word: unified. UC systems combine functions that began life separately, such as voice and video, and present them to users as features of a single, unified application. Each function, however, has unique security needs and presents a separate attack interface. It's challenging to provide unified security for UC, because the requirements of each component application differ significantly.
Three goals for effective unified communications security
Organizations must recognize that security is multifaceted. They may value certain security aspects more than others, but three common facets of security should be considered by any business.
- Content security. Prevent content theft by using encryption options and even VPNs to make your content invisible or undecipherable should anyone intercept your traffic.
- Secure your environment from attack. Beyond credential theft, which is more than just a UC security concern, a likely security threat is denial of service (DoS). Over the years, DoS attacks have gotten more sophisticated and can target specific IP ports related to UC services.
- Protect against service hijacking. Years ago, hackers would use backdoors into company telephone systems and sell codes to allow free calls courtesy of the hacked company. Most UC systems today have a usage-based component that can be abused the same way as old phone systems. If a hacker can crack the code and start selling access to your system's voice-over-IP trunks, your UC costs could skyrocket.
Multifunction vs. specialized unified communications security
In the days before UC, the access router was discussed as an early multifunction security offering. Many vendors started building firewalls, VPNs and other security offerings as part of their integrated services routers. Essentially, UC vendors started to compete with stand-alone security vendors. The question was whether integrated, multifunction devices or specialized security devices, such as stand-alone firewalls, were needed to provide enterprise-class security.
Depending upon how crucial your UC system is to your business, you may want to pose a similar question. Don't forget to consider external security devices that sit at the perimeter of the system and provide an additional layer of security in front of your UC environment.
Dig Deeper on Unified Communications Security
Related Q&A from Kevin Tolly
Interoperability between collaboration platforms is scarce, but integrations are abundant. Learn why multivendor collaboration integration has more ... Continue Reading
T1, E1 and ISDN network technology have been used to transmit voice data for years. Compare the similarities and differences between E1 and T1 vs. ... Continue Reading
Partnerships between organizations rely on external collaboration. But, when a project ends, unresolved collaboration channels can be a weak spot for... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.