Over the past few years, the industry has asked many IT directors about their Unified Communication Plan and analyzed and summarized the results and trends including driving force and challenge factors. However, when most IT directors focus on the business model, delivery functions, and integration challenges of the Unified Communication solution, they ignore the need to pay attention to the deployment of another Unified Communication System, it is also the most easily overlooked problem: security.
In general, we find that enterprises do not consider security during Unified Communication, or even have no special security experts to participate in the process, or, security personnel are allowed to participate at the end of the Unified Communication Strategy. This is a big mistake, because the introduction of unified communication poses a serious threat to the original voice communication system of enterprises. In addition to the constant attacks on data network resources, it also includes data loss and fraud issues.
In view of this, what security factors should the IT supervisor consider when deploying a Unified Communication System?
First, SIP relay. The SIP relay "creates" another channel for external attacks to the enterprise's telephone system. In most VoIP architectures, the PSTN serves as a fireproof channel between the enterprise telephone system and the outside world. Logically, the more isolated the VoIP system is from the outside, the security risks and attacks it faces will be much smaller. However, the introduction of SIP relay has changed all of this, making the enterprise's telephone system vulnerable to attacks from IP lines. Currently, SBC session boundary Controller) and SIP firewall can alleviate the security risks caused by SIP relay.
Second, eavesdropping. The network of the service provider that carries the VoIP traffic based on the SIP relay is usually not encrypted during transmission, which gives eavesdroppers the opportunity. In this way, the data exchanged within an enterprise is almost the same as that of other data on the Internet. It is conceivable how serious a threat is. In addition, employees with "ideas" within the company are not easy to eavesdrop on company secrets that need to be known.
Again, connect to each other. The communication between the Unified Communication System of VoIP and UC and other networks in the enterprise is also completed through SIP relay, which opens a "Green Channel" for Enterprise Security ".
In addition, mobile and wireless communications have also increased the security gap for enterprises' internal networks.
In summary, when deploying unified communications, the enterprise IT supervisor should not only consider security factors because they directly affect the system performance), but also carefully break down the channels for potential security risks, in order to maintain the normal and robust operation of Unified Communication, so that unified communication can gain enterprise benefits.