backgroundstore - Fotolia

Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

UC security may increase following Snowden's NSA revelations

User and vendor concerns after the Snowden NSA revelations may bring increased efforts to shore up UC security in unified communications environments.

One of Edward Snowden's leaked documents was a National Security Agency (NSA) slide deck that outlined its Prism Online Surveillance System. More specifically, the document identified Prism providers as Microsoft, Yahoo, Google, Facebook, Paltalk, YouTube, Skype, AOL and Apple. Many of these companies have denied giving NSA access to their proprietary information. In fact, Google stepped forward recently to state that it would be encrypting Gmail to ensure the utmost privacy among Google servers and Gmail users.

Specifically, Google tightened the encryption of information from its various data centers to prevent data snooping by organizations like the NSA. This could have larger ramifications for the IT industry at large, as some larger enterprises are leading the charge in safeguarding user privacy.

The bigger question, however, is whether enterprise IT will consistently safeguard user privacy, particularly when government surveillance needs their help in issues that could impact national security.

It remains to be seen whether hardware manufacturers will invest as heavily in measure to prevent NSA snooping.

"It's good to see Google taking a lead on this issue and taking steps to preserve privacy," said Charles Tendell, CEO of Azorian Cyber Security in Denver, Colorado. "In fact, if law enforcement contacts Google about securing information related to a user, Google has been known to contact the user to inform them of the situation. That's indicative of the company's position. From my perspective, Google doesn't want to be a pawn [used by] the government and the public. At the same time, it's important to note that the company and other companies in the same situation do have interactions with the government, and there could be situations where this position won't necessarily be consistent based on the circumstances," Tendell said.

The fact that Google tightened customer data encryption indicates the appetite customers and users have for further data protection. It also reveals how government snooping has turned the stomachs of all types of users, both commercial and consumer, according to Orlando Scott-Crowley, director of technology marketing for London-based Mimecast.  

This tightening has made its way into communication equipment usage in many different industries. Bart Bartolozzi is senior product marketing manager of IPC Systems in Jersey City, New Jersey, a communication solutions provider that includes the Unigy platform and handsets used by the securities and commodities trading community. Bartolozzi said his company is putting end-to-end encryption in place that starts with the Unigy handset itself and goes across the Unigy platform all the way to the voice-recording (VR) archive.

"The VR archive encryption integration and coordination with the platform are unique and critical for both data sensitivity and compliance requirements," Bartolozzi said. "Data sensitivity in the financial market is of critical importance, so across all of the unified trading communications, it is a major focus for our customers."

More on upping UC security

Why unified communications components need more attention to security

As UC security threats rise, is anyone listening?

Heartbleed security vulnerability shines light on UC security

An overall climate characterized by such data sensitivity is likely to drive security into unified communication platforms that may not have taken such tight security measures. Existing security measures often are not strict enough and allow equipment and software developers to be somewhat complacent about the risks of snooping.

If they haven't already, other vendors are likely to follow suit if their platforms and software let them, Bartolozzi added. "We assume that security is designed into platforms today, but there are many instances where this has proven not to be the case, and providers have been shown lacking."

It remains to be seen whether manufacturers will invest as heavily in hardware as they have in software to prevent NSA snooping. To do so means change, plus a new and different cost construct to make their hardware. This may be a difficult business case to make.

"There are examples, like Apple iPhone 5s, with biometrics, but industry-wide, I expect hardware providers to lag behind software on this issue," Tendell said.

Tendell expects to see some efforts in the UC environment to safeguard privacy against snooping. "Efforts will be stepped up to secure unified communications," he said, "some of which the users won't see and some of which they will experience and help implement."

About the author:
Jim Romeo,, is a freelance writer based in Chesapeake, Virginia.

Dig Deeper on Unified Communications Security

Join the conversation

1 comment

Send me notifications when other members comment.

Please create a username to comment.

The note about consistency stands out to me - sure, Google is encrypting Gmail, but does that mean all Google users can rest easy? Probably not. Also, if hardware manufacturers are still enabling government snooping, this may all be for nothing.