How to Protect Unified Communications Against Cybersecurity Threats

A company’s relationship with the Internet is much like a marriage of convenience. If the pair were to have a child, it would be UCaaS. UC is the integration of business communication services across multiple devices and media types. So we’re talking about your phone calls, video conferencing, instant messaging, SMS, and email for example.

Very much like a vulnerable child, for UC safety is always an issue. Indeed, cyber attacks are most likely to go for your communication channels before anything else. Moreover, whether arriving via spam, first generation software, or phishing, attacks always spell bad news. As more and more companies deploy unified communications as their core contact centre technology, we must now understand how to defend it.

So what’s the best way to protect our beloved UC given it’s still relatively in its infancy? Well, we’ve shared some pointers in this post that should help you safeguard against attacks. 

The Growing Threat of Cyber Attacks on Business

With the business industry quickly moving UC online, and with customers becoming more digitally connected through the Internet of Things (IoT), cyber assets are now at greater risk than ever

Companies are logically making security a priority. A recent report by ESG Global found that 60% of organizations they surveyed were increasing their cybersecurity budgets this year. Furthermore, Cybersecurity Ventures states that cyber attacks are the fastest growing crime globally. It predicts that its damages will annually cost $6 trillion worldwide by 2021.

Source: Hackmageddon

In April of 2019, around 540 million of Facebook users’ records were exposed and published on Amazon’s cloud computing service. Within the same month, Facebook had also unintentionally made more than a million user emails public. 

Capital One was also a victim of a major cyber attack in March of the same year, when a hacker gained access to 100 million customer accounts and credit card applications. 100,000 Social Security numbers, 80,000 bank accounts, and an undisclosed number of credit scores, balances, and addresses were also compromised. These are just two of the largest cyber attacks in the last year, and new security threats continue to emerge at a rapid pace. 

Cybersecurity attacks can result in the disruption of networks as well as unified communications systems paralysis. They can cause irreparable damage to businesses, and can even go as far as causing military equipment failure and breaching of national security secrets. 

Because Cyber Threats increase exponentially every year, for most companies cyber attacks are no longer just a possibility, but an inevitability. So what can companies do to protect themselves? 

Invest in Employee Education 

A majority of cyber issues are a direct result of simple human error and judgement. According to EY’s Global Security Survey 2017, 74% of cyber attacks are due to careless or untrained employees. 

Scam emails and even weak or repeatedly used passwords are simple but effective channels for hackers. Phishing schemes are a recurring problem that employees continue to face, and most of them are ill-equipped to handle them. 

Cyber security policies and digital awareness must be put into practice to keep employees up-to-date on cyber security protocol. Businesses should invest in training programs and other relevant online learning tools  to educate their employees on what to do in case of a potential threat or attack. 

Create a Security Culture

A security-driven community culture also needs to be created within the company. 

With the growing use of remote work tools, and new kinds of cyber threats rising just as quickly, there must be a venue for corporate security experts and security teams to regularly meet and discuss how to stay ahead of potential attacks. 

A structure of different communication groups within the business must be put together to address the different technology platforms, whether through calling, messaging, or emailing. Larger companies should also consider having teams specifically responsible for streaming and social platforms. 

Maintain an Effective Configuration Management Database (CMDB)

Most companies overlook their CMDB, which makes their organizations more vulnerable to attacks. 

By not keeping a well-maintained CMDB, businesses are more likely to find difficulty in implementing security procedures. This will open the door to more mistakes, and cost the company more time and resources down the line. 

Reinforcing CMDB and keeping equipment up-to-date can help secure organizations from threats. 

Update Information Security Management System (ISMS) 

Having an ISMS won’t do a company much good if it fails to do its job when needed.

Since we’ve established that cyber threats are always present, companies must not be complacent in checking that their ISMS is performing the way it should. A review of the system should become a regular practice, and security policies and procedures must be adjusted and optimized according to current threats. 

Another thing to consider when assessing ISMS is reinforcing the network itself. Businesses should look into session encryption and spam blocking, and decide on the cloud architecture that best addresses their needs.  

Consider the National Institute of Standards and Technology (NIST)

The NIST, which is a physical sciences laboratory and non-regulatory agency of the United States Department of Commerce has presented a study listing guidelines to improve critical infrastructure cybersecurity. 

While these guidelines should be considered in its entirety, let’s focus on the 5 steps in its framework.

Source: NIST

Identify

The first step is to understand the current business infrastructure, and to identify any possible cybersecurity risks to its systems, people, assets, and data. 

Since Unified Communications are the easiest and most common targets, resources must be assessed to know the businesses’ capability to handle any cybersecurity risks in its most vulnerable areas. This will enable an organization to focus its efforts to its particular needs, and to implement the necessary safeguards and critical services to lessen the risks of a cyber attack. 

Protect

Layered security like antivirus softwares, firewalls, patch management, and password management should also be considered, depending on the company’s risk assessment and risk management strategy.  Data should also be backed up regularly

This can help limit and contain the impact of a potential cybersecurity breach. 

Detect

Because the risks of cyber attacks are so high, being able to detect and discover cybersecurity threats as timely and as quickly as possible is of utmost importance. Ongoing network monitoring should be implemented, devices should be protected, and detection processes should be developed. 

Companies should consider using multifactor authentication as well as encrypting hard drives. Up to date technologies and VoIP phones are essential in ensuring that networks and unified communications are not vulnerable to cyber attacks. 

Respond

Any security incident can become a crisis if not handled the right way. These should be treated depending on potential damage, and employees should be prepared and well-trained to address security threats in a timely and efficient manner. 

Companies must have an optimized crisis management process to lessen the impact and the damage of a cyber attack. Response planning must be prioritized and constant improvements must be made to be able to properly contain potential damage to as little of the company as possible. 

Recover

Strategies for recovery must be regularly discussed and updated in the event of a cyber attack. External partners like cybersecurity specialists and government organizations should also be tapped, depending on the scale and reach of damage. 

Recovery plans must be able to contain and reduce the impact of a cybersecurity breach, and restore normal operations in a timely manner.

Source: MindMajix

Why Companies Need to Act Fast

While the Internet provides many conveniences, it also has its consequences. With every development the Internet has to offer, cyber threats continue to meet them head on.

This is why businesses need to start putting more importance on their cybersecurity. Companies must be able to keep up with the evolution of cyber threats, which become more potent everyday.

While putting up defenses for cyber attacks may seem daunting, it is still possible. But priorities must be set, and a cybersecurity-culture must be created.

Sam O’Brien is the Senior Website Optimisation & User Experience Manager for EMEA at RingCentral, a Global VoIP, video conferencing and VoIP Server provider. Sam has a passion for innovation and loves exploring ways to collaborate more with dispersed teams. He has written for websites such as Socialnomics and TechNative. Here is his LinkedIn.

Follow us on social media for the latest updates in B2B!

Image

Latest

Maestro
Maestro All-In-One PMS and Data Plus Collaborate to Provide Seamless End-To-End Integrations for the Famed Francisco Grande Hotel & Golf Resort
September 10, 2024

The historic sports training destinations is now benefitting from improved access to financial management technology and enhanced integrations across all operations departments MARKHAM, Ontario, Sept. 10, 2024 — Maestro PMS, the hotel industry’s leading Web Browser-based cloud and on-premises all-in-one property-management system, has teamed with industry-leading financial management platform Data Plus to elevate the technology offerings…

Read More
AI in Pro AV: Addressing Opportunities, Use Cases, and Concerns w/ Joe Pham of QSC and Q-SYS
September 10, 2024

On this episode of Pro AV Today, we break down the topic du jour in Pro AV: artificial intelligence. Joe Pham, the Chairman & CEO of QSC | Q-SYS, joins Ben Thomas to talk about how AV and AI are coming together and pushing the AV industry forward. Key Topics: Decoding AI in the…

Read More
back to school
Safe Return: How Schools Can Prepare for a Back-to-School, Part 2
September 10, 2024

In this episode of School Safety Today by Raptor Technologies, host Dr. Amy Grosso sat down with Craig Straw, Director of Safety and Emergency Management for Houston Independent School District (HISD). Listen and learn as he shares his experiences and strategies for back-to-school preparations and school safety management. KEY POINTS: Holistic Approach to School…

Read More
qualified small business stock
Qualified Small Business Stock (QSBS)
September 10, 2024

In this episode of Weaver: The Alternative Edge, hosts Blayne Lowary and Vardeep Mann delve into the intricacies of Qualified Small Business Stock (QSBS). This conversation provides crucial information for investors and fund managers looking to maximize tax benefits through QSBS. Lowary and Mann bring valuable insights into how QSBS can be a significant advantage…

Read More