unified communications

Being Secure on the Super-Highway to

Enterprise Collaboration

Being Secure on the Super-Highway to Enterprise Collaboration

Unified Communications (UC) has quickly become a staple of modern business culture. When an organization uses UC to remove barriers between communication channels, everything from conferencing to content sharing runs better. An added plus, UC actually reduces costs due to streamlined management and deployment.

The downside to all this, however, is that lock-tight security may be harder to achieve with UC. Or, at the least, it comes as an afterthought. The tools that enable Unified Communications can present numerous Cyber-Security vulnerabilities that could put an organization at serious risk. The savviest organizations are learning about these risks, then implementing their UC initiatives along with powerful protection measures.

This begs the questions:

  • What types of threats and vulnerabilities do UC tools bring to an organization’s network?
  • What, exactly, are those “powerful protection measures” shielding the network from?
  • What do UC Cyber-Security measures entail?

Learn how organizations can stay safe as they head into the deeper waters of full-scale, modern enterprise collaboration.

How Unified Communications Tools Put Organizations at Risk

As corporate communications have continued to move to the cloud and the multitude of devices used in the workplace has exploded, security management has become more complex. Apps, software, and hardware – even your telephony hardware – can all be used by attackers to access networks.

Application Vulnerabilities

Enterprise apps are a fast-growing segment that accounted for just over half of revenue share of the market in 2018. In the race to create and deploy products quickly, application vulnerabilities can sneak through.

Since SaaS applications that enable communication are not typically designed with security in mind, increasing your organization’s use of them can introduce vulnerabilities and create holes in an organization’s security defenses. Applications are a leading cause of data breach, especially when users ignore or don’t understand security best practices, like updating apps for patches and bug fixes on a regular basis.

Insider Threats

Employees can be some of the biggest threats to an organization, whether intentional or accidentally. If an employee uses the same devices for UC tools as they do other apps, the corporate data stored within the UC program could be at risk. Malicious apps can gain access to trusted apps on a mobile device without a user even knowing it, resulting in data leakage or enabling an environment where malicious programs can move laterally across the network. Applications don’t need to bet infected with malware to be used for malicious intent, either - they can come with default privacy settings that expose the user (and the company) to risk. With access to contacts, a malicious app can steal personal information, corporate information, and more.

Hardware Vulnerabilities

UC tools introduce hardware vulnerabilities, too. For example, deploying VoIP in a unified communications environment opens up new areas of attack. A common risk there is Toll Fraud, which is when unauthorized users are able to infiltrate an enterprise telephone system and make long distance phone calls, also known as toll calls. Hackers may even re-sell the toll calls on the open market for profit, causing UC costs to balloon out of control.

Denial of Service is another security risk that can accompany today’s UC solutions. Securing your environment has always been a priority but over the years, attackers have learned to exploit the vulnerabilities of the UC environment in particular by targeting certain IP ports used in Unified Communications deployments.

What do Organizations Need to do to Minimize These Risks?

Securing your cloud environment (i.e. your Unified Communications network) takes a comprehensive approach that covers these three steps:

1. Minimize Shadow IT

Software-as-a-Service (SaaS) has opened up new doors everywhere for organizations as they seek new ways to improve their business processes. But the very things that make SaaS perfect for business – easy integration, low initial cost, scalability, and hassle-free upgrades – are also what makes SaaS a security nightmare for IT.

It’s a widespread problem – most employees admit they’ve used non-approved SaaS applications while on the job. When they bypass IT to procure/install/configure/maintain their own applications, they create shadow IT. To minimize shadow IT, organizations can make sure employees are not deploying their own UC tools without IT’s knowledge by running a Shadow IT Assessment.

2. Implement the Right Tools

Good IT asset management is also important here, ensuring IT teams have consistent visibility into which programs are running on the network. Managing an ever-expanding unified communications ecosystem is a complex operation. Be sure to augment these tools with security solutions that minimize risk, such as access management tools that ensure only authorized users can access your corporate UC infrastructure as well as web application security tools to reduce vulnerabilities. Also, conduct security and compliance assessments regularly to ensure there are no vulnerabilities that could result in non-compliance or a data breech.

3. Practice Ongoing Security Management

Proper vetting and configuration of third-party tools is a good start. Using the right tools is essential, but managers need to think proactively in order to protect their assets in a cloud-based world.

Ongoing security management means conducting compliance checks on third-party tools, internal systems, and hardware that enables the UC environment. In addition, it means actively monitoring all enterprise applications with an eye toward updating them as often as necessary.

Cyber-Security Best Practice Awareness

UC networks are the basis for business innovation and the agility that modern organizations need in order to stay viable in a fast, global marketplace. However, collaboration and communication mustn’t come at the expense of security. Staying secure means not just implementing the IT initiatives mentioned here, but also getting everyone involved in keeping company assets protected. This brings us to the icing on the security cake: spreading best practice awareness.

Cyber-Security best practice awareness can help organizations change their “security culture” to prevent security risks that stem from user negligence. And, at the top levels, management can follow Cyber-Security best practices as well. This calls for proactive solutions like creating a Cyber-Security policy, identifying company assets, using risk assessment tools, and actively managing Cyber-Security with tools that prioritize unified communications along with other security concerns.

Protecting your business from today’s Cyber-Threats is an ongoing struggle, especially as more devices and applications are added to your network. Being aware of the risks these tools can bring and how to minimize them ensures your business reaps all of the benefits of unified communications without sacrificing data security.

Stay Efficient, Stay Secure

Make life easier with our Managed Security Services. In the cloud-first era, we can help you identify your risks, protect your assets, and stay ahead of security threats and compliance in a unified world.

Read more

Comment on this article

Leave a comment to let us know what you think about this topic!

Leave a comment


Bala Sathunathan

Bala Sethunathan

Director, Security Practice & CISO


Related Articles

  • 21 април 2021
  • Erik Moll
  • Future Workplace, User Productivity
  • Microsoft, Teams

Why Teams Breakout Rooms are a Game Changer for Collaboration

Several new updates to Microsoft Teams Breakout Rooms have been rolled out in an effort to make the workplace more productive than ever. Learn more.

Cybersecurity Update March 2021
  • 13 април 2021
  • Bala Sethunathan
  • Cybersecurity User Awareness, Cyber Threat Bulletin, Cybersecurity, Managed Security
  • Cyber-Threats

Cyber Security Update March 2021

About 80% of breaches occur due to poor passwords. Keep your business protected and learn how to improve your password security.

Implementing Artificial Intelligence

Beginning Your Journey to Implementing Artificial Intelligence

Artificial intelligence is much simpler than you may think. Discover the benefits and challenges of implementing AI within your organization.