Securing unified communication services an opportunity for partners

David Jacobs explains how channel partners can help their customers build a comprehensive defense as they integrate email, IM, telephony, conferencing and other communications.

Typically viewed as a technology applicable to large enterprises, unified communications offer benefits to even the smallest business. Integrating email, IM, telephony, presence, calendar and video and audio conferencing speeds decision making, enabling employees to communicate quickly with co-workers, partners and clients.

By integrating email and voicemail, unified communication services enable staff members who are out of the office to check either email or voicemail via a phone call or remote login. Presence information shows which staff members are available and whether they can be reached by phone, email or in person.

In this tip, we'll review how solution providers can help their customers build a comprehensive defense as they integrate the various communications.

Flexibility brings increased vulnerability
Integrating communications, however, means that an attack on one medium can become an attack on all. Historically, each means of communication -- email, IM and voice -- have been successfully attacked. While any attack can have serious consequences, in the past, damage was confined to a single medium.

Email security issues are well known. Attacks on IM have been less common, but have increased as instant messaging has expanded from personal use to become a common medium among employees, partners, customers and suppliers.

More on securing communication channels

Learn how the IBM-Avaya partnership addresses a unified communications opportunity.

Application control, a standard component of Web security gateways, allows customers to restrict services, such as instant messaging.
Up to now, the largest volume of attacks on digital PBXs supporting Voice over IP appears to be theft of service. Hackers gain access to a corporate private branch exchange, where they place long distance and often overseas calls, which in turn are then charged to the company. These theft-of-service attacks pose a potentially large expense for the targeted company, but have apparently so far not exposed internal corporate information.

Given that PBX security can be breached, the potential exists for an attacker to gain valuable information by accessing voicemail or by accessing call records to find the identities of customers, suppliers, current and potential partners, acquirers or acquisitions.
Building a successful defense is complex. It requires expertise in all of the potential avenues of attack, plus additional expertise to defend the interconnections among them. By developing this expertise, channel partners can render a valuable service to clients.

Unified communications opportunity: Building a comprehensive defense
The first step in building a secure unified communications capability is the same in every other major implementation. Work with your client to define what functions are required and how they will be used.

Most clients will have already chosen an email solution; many have probably chosen IM and voice arrangements as well. Unless there is a compelling reason to change vendors, it is most likely that your clients have effectively already completed vendor evaluation and selection. The channel partner and client should then be prepared to evaluate the incumbent vendor offerings to determine whether they meet clients' needs.

Include both signature-based and network-anomaly based protection. The extra effort required to configure anomaly-based protection is worthwhile due to the potential damage an intrusion can cause. Anomaly-based detection will help find zero-day attacks that may strike any or all of the aspects of unified communication. For example, incoming email could compromise system security, which could allow the attacker to then gain access to a voice mail database. Once the security of a unified communication arrangement is compromised, all communication media -- email, voice, IM -- is open.

Each of the major vendors has incorporated security in its unified communications offering and developed a list of partners to provide compatible products and services. Cisco has incorporated security mechanisms in its switches, routers and telephone handsets and offers a family of specialized appliances to protect against voice and video threats. Microsoft has integrated software products that address each communication medium and partnered with hardware vendors, including Hewlett Packard Co. and Juniper Networks Inc. to create its unified communications solution. Avaya Inc. has partnered with IBM to integrate Avaya's telephony equipment with IBM's Lotus software products.

Even with vendor selection completed, a unified communications implementation requires a detailed design effort with a concentration on security. Few clients have sufficient time or knowledge to design a secure solution. Therefore, channel partner efforts and expertise are critical to your client's business success.

Developing a customized solution
Integrators skilled in developing and supporting Linux-based software may choose to develop a customized solution based on one of the open source unified communications packages like Druid or sipXecs. Such a solution enables channel partners to offer an extremely low cost implementation or a solution designed specifically for a client's unique requirements. This approach, however, will require investing significant up-front time and a commitment to support clients 24x7.

Continued vigilance is critical
Whether a vendor or customized solution is chosen, software and procedures must be put in place to enable staff to identify security breaches immediately and take corrective action quickly. Channel partners should consider adding a security incident and event manager, or SIEM, product to correlate events across multiple components and display all aspects of the breach on a single console. With unified communications, attack indications will appear from components of the various media. SIEM brings all the reports together, correlates them and displays them all on the same management screen to make it clear that all these reports are related. The device gives the staff a greater visibility and allows teams to take action and address problems more quickly.

Finally, staff security awareness is as critical as vendor selection and system design. An employee who sends proprietary information via public IM can negate all of the effort made to create a secure solution.

About the author:
David B. Jacobs of The Jacobs Group has more than twenty years of networking industry experience. He has managed leading-edge software development projects and consulted to Fortune 500 companies as well as software start-ups.


This was first published in March 2010

Dig deeper on Application security and data protection

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

MicroscopeUK

SearchCloudProvider

SearchSecurity

SearchStorage

SearchNetworking

SearchCloudComputing

SearchConsumerization

SearchDataManagement

SearchBusinessAnalytics

Close