Securing Your UC System
We live in a very different world than say just 10 years ago. Our business systems including our phone/UC systems are more open and standards based and more interconnected than ever before. This provides tremendous benefits but also requires us to be aware of the associated security risks.
Securing a UC system should not be an afterthought and there are many existing policies and best practices that can be leveraged. Let's examine a few of these.
Password and access policies:
All too often users never change their voicemail passwords and this has proven to be a very successful attack vector for initiating toll fraud. Since today's management interfaces are mostly Web based, password and access control is vital to protect confidential data like call records or preventing unauthorized changes to system configurations.
UC systems should, as a rule of thumb, be configured to utilize voice encryption to prevent snooping of voice packets. Since the enterprise LAN is accessible to one and all, this is an important consideration.
Protecting the perimeter:
SIP trunks are becoming very common now to connect an enterprise UC system to the outside world. IP packets carrying voice packets can flow end to end directly to an endpoint (IP Phone) inside the enterprise and firewalling is an absolutely required component in this scenario. Session Border Controllers can be a vital part of such a security solution.