By Katie Wilson, Marketing Director at Clone Systems, Inc.
With all the news about computer and network attacks, it can be easy to forget that your voice and unified communication (UC) services are just as connected to your infrastructure as everything else. Unfortunately, voice and video security are seldom part of the security audit process, making their vulnerabilities even easier to overlook. However, your voice and UC systems process the same user and customer information your network does, and thieves will use their weaknesses to steal that information. This makes security for these devices and services essential.
This article will answer the following:
- What does UC entail?
- Why do you need voice and UC security?
- What should a voice and UC security system provide?
What does UC entail?
Most people think of UC as just being your voice and conferencing devices, but it actually encompasses so much more. UC can include any of the following:
- Instant messenger
- Telephony (including IP telephony)
- Video conferencing
- Desktop and data sharing software (including web conferencing and whiteboards)
- Speech recognition software
- SMS messaging
Basically, think of UC as any software or device you use to communicate.
Why do you need voice and UC security?
Hackers can cause the same chaos to your UC system that they can to your network. They can attack your UC system through:
- Theft of Service. They can gain control of any SIP devices. Once they gain access to the device, they can access your OS and other software. From there, it’s just a matter of deciding what other crimes they want to commit (e.g., toll fraud or stealing user identities).
- Denial of Service. Hackers can overload your UC systems with requests to make your system unusable. In addition to delaying business for a day or more, this hack will also leave your network vulnerable to other attacks while your team is busy trying to get your UC system back online.
- General theft and eavesdropping. One of the most common attacks UC systems encounter is through premium rate numbers. The hacker uses your voice system to call the premium number and simply collects money. This can lead to fraud costing $1 million or more.
If you have customers who call in using their credit card or bank numbers, hackers can also eavesdrop on these calls and steal your customers’ information.
- Spam or phishing. This is the same as email spam and phishing, but instead of annoying emails, your employees receive unsolicited calls. Should one of your employees accidentally reveal any information during one of these calls, your entire network could be hacked.
What should a voice and UC security system provide?
A good voice and UC security system should be able to do all of the following:
- Identify threats to your network.
- Classify those threats based on type and severity.
- Stop known and unknown threats.
- Collect and analyze logs. These logs should be able to record where attacks originated, where they were received, how long they lasted, and when they took place.
- Be vendor agnostic to ensure it can work with any device or service you currently have or may have in the future.
- Ensure you are in compliance based on the standards of your industry.
- Work in conjunction with your IPS, SIEM, and log management (big data) services.
Ensuring your UC systems are secure can save you millions by preventing fraud and disruption to your daily business. To protect your network, you should find a security service that focuses specifically on voice and UC systems and can protect your company 24x7.