How to Protect Unified Communications Against Cybersecurity Threats

Sam
Sam O' Brien
Sep 10, 2020
cyber-security exposure protection remote work SaaS UCaaS unified communications
Share this post

A company’s relationship with the Internet is much like a marriage of convenience. If the pair were to have a child, it would be UCaaS. UC is the integration of business communication services across multiple devices and media types. So we’re talking about your phone calls, video conferencing, instant messaging, SMS, and email for example.

Very much like a vulnerable child, for UC safety is always an issue. Indeed, cyber attacks are most likely to go for your communication channels before anything else. Moreover, whether arriving via spam, first generation software, or phishing, attacks always spell bad news. As more and more companies deploy unified communications as their core contact centre technology, we must now understand how to defend it.

So what’s the best way to protect our beloved UC given it’s still relatively in its infancy? Well, we’ve shared some pointers in this post that should help you safeguard against attacks. 

The Growing Threat of Cyber Attacks on Business

With the business industry quickly moving UC online, and with customers becoming more digitally connected through the Internet of Things (IoT), cyber assets are now at greater risk than ever

Companies are logically making security a priority. A recent report by ESG Global found that 60% of organizations they surveyed were increasing their cybersecurity budgets this year. Furthermore, Cybersecurity Ventures states that cyber attacks are the fastest growing crime globally. It predicts that its damages will annually cost $6 trillion worldwide by 2021.

Source: Hackmageddon

In April of 2019, around 540 million of Facebook users’ records were exposed and published on Amazon’s cloud computing service. Within the same month, Facebook had also unintentionally made more than a million user emails public. 

Capital One was also a victim of a major cyber attack in March of the same year, when a hacker gained access to 100 million customer accounts and credit card applications. 100,000 Social Security numbers, 80,000 bank accounts, and an undisclosed number of credit scores, balances, and addresses were also compromised. These are just two of the largest cyber attacks in the last year, and new security threats continue to emerge at a rapid pace. 

Cybersecurity attacks can result in the disruption of networks as well as unified communications systems paralysis. They can cause irreparable damage to businesses, and can even go as far as causing military equipment failure and breaching of national security secrets. 

Because Cyber Threats increase exponentially every year, for most companies cyber attacks are no longer just a possibility, but an inevitability. So what can companies do to protect themselves? 

Invest in Employee Education 

A majority of cyber issues are a direct result of simple human error and judgement. According to EY’s Global Security Survey 2017, 74% of cyber attacks are due to careless or untrained employees. 

Scam emails and even weak or repeatedly used passwords are simple but effective channels for hackers. Phishing schemes are a recurring problem that employees continue to face, and most of them are ill-equipped to handle them. 

Cyber security policies and digital awareness must be put into practice to keep employees up-to-date on cyber security protocol. Businesses should invest in training programs and other relevant online learning tools  to educate their employees on what to do in case of a potential threat or attack. 

Create a Security Culture

A security-driven community culture also needs to be created within the company. 

With the growing use of remote work tools, and new kinds of cyber threats rising just as quickly, there must be a venue for corporate security experts and security teams to regularly meet and discuss how to stay ahead of potential attacks. 

A structure of different communication groups within the business must be put together to address the different technology platforms, whether through calling, messaging, or emailing. Larger companies should also consider having teams specifically responsible for streaming and social platforms. 

Maintain an Effective Configuration Management Database (CMDB)

Most companies overlook their CMDB, which makes their organizations more vulnerable to attacks. 

By not keeping a well-maintained CMDB, businesses are more likely to find difficulty in implementing security procedures. This will open the door to more mistakes, and cost the company more time and resources down the line. 

Reinforcing CMDB and keeping equipment up-to-date can help secure organizations from threats. 

Update Information Security Management System (ISMS) 

Having an ISMS won’t do a company much good if it fails to do its job when needed.

Since we’ve established that cyber threats are always present, companies must not be complacent in checking that their ISMS is performing the way it should. A review of the system should become a regular practice, and security policies and procedures must be adjusted and optimized according to current threats. 

Another thing to consider when assessing ISMS is reinforcing the network itself. Businesses should look into session encryption and spam blocking, and decide on the cloud architecture that best addresses their needs.  

Consider the National Institute of Standards and Technology (NIST)

The NIST, which is a physical sciences laboratory and non-regulatory agency of the United States Department of Commerce has presented a study listing guidelines to improve critical infrastructure cybersecurity. 

While these guidelines should be considered in its entirety, let’s focus on the 5 steps in its framework.

Source: NIST

Identify

The first step is to understand the current business infrastructure, and to identify any possible cybersecurity risks to its systems, people, assets, and data. 

Since Unified Communications are the easiest and most common targets, resources must be assessed to know the businesses’ capability to handle any cybersecurity risks in its most vulnerable areas. This will enable an organization to focus its efforts to its particular needs, and to implement the necessary safeguards and critical services to lessen the risks of a cyber attack. 

Protect

Layered security like antivirus softwares, firewalls, patch management, and password management should also be considered, depending on the company’s risk assessment and risk management strategy.  Data should also be backed up regularly

This can help limit and contain the impact of a potential cybersecurity breach. 

Detect

Because the risks of cyber attacks are so high, being able to detect and discover cybersecurity threats as timely and as quickly as possible is of utmost importance. Ongoing network monitoring should be implemented, devices should be protected, and detection processes should be developed. 

Companies should consider using multifactor authentication as well as encrypting hard drives. Up to date technologies and VoIP phones are essential in ensuring that networks and unified communications are not vulnerable to cyber attacks. 

Respond

Any security incident can become a crisis if not handled the right way. These should be treated depending on potential damage, and employees should be prepared and well-trained to address security threats in a timely and efficient manner. 

Companies must have an optimized crisis management process to lessen the impact and the damage of a cyber attack. Response planning must be prioritized and constant improvements must be made to be able to properly contain potential damage to as little of the company as possible. 

Recover

Strategies for recovery must be regularly discussed and updated in the event of a cyber attack. External partners like cybersecurity specialists and government organizations should also be tapped, depending on the scale and reach of damage. 

Recovery plans must be able to contain and reduce the impact of a cybersecurity breach, and restore normal operations in a timely manner.

Source: MindMajix

Why Companies Need to Act Fast

While the Internet provides many conveniences, it also has its consequences. With every development the Internet has to offer, cyber threats continue to meet them head on.

This is why businesses need to start putting more importance on their cybersecurity. Companies must be able to keep up with the evolution of cyber threats, which become more potent everyday.

While putting up defenses for cyber attacks may seem daunting, it is still possible. But priorities must be set, and a cybersecurity-culture must be created.

Sam O’Brien is the Senior Website Optimisation & User Experience Manager for EMEA at RingCentral, a Global VoIP, video conferencing and VoIP Server provider. Sam has a passion for innovation and loves exploring ways to collaborate more with dispersed teams. He has written for websites such as Socialnomics and TechNative. Here is his LinkedIn.

Follow us on social media for the latest updates in B2B!

Image

Latest

One-of-a-kind shopping experiences
The Resurgence of Brick-and-Mortar Stores: One-of-a-kind Shopping Experiences Are Turning Customers into Brand Ambassadors
April 24, 2024

In the convenient world of e-commerce, big box stores are seeing a resurgence. Chains like Dick’s Sporting Goods, Walmart, and Target are experimenting with one-of-a-kind shopping experiences that can turn casual shoppers into loyal fans. In a recent Experts Talk roundtable, Allen Adamson, Co-Founder at Metaforce, highlighted how one-of-a-kind shopping experiences make for exciting […]

Read More
digital augmentations
Revolutionize Customer Engagement Through Digital Augmentations in Physical Retail
April 24, 2024

The digital transformation of retail experiences in physical stores has become crucial as big-box retailers strive to maintain their relevance and competitive edge in a digital era. These retailers are embedding interactive features and digital augmentations in their physical locations to offer unique, engaging customer experiences. This approach merges the tactile allure of in-store […]

Read More
experiences
Enthusiastic and Trained Employees can Enhance Experiences and Drive Success in Physical Retail
April 24, 2024

In today’s retail landscape, big-box retailers are emphasizing the importance of their physical locations, even as the digital marketplace continues to expand. Stores like Dick’s Sporting Goods and Walmart are not just maintaining their brick-and-mortar presence but are actively enhancing it with features like interactive elements and new store openings. This reassertion of the […]

Read More
The Coexistence of Big Box and Small Retail Relies on Synergistic Relationships
April 24, 2024

Despite being long time competitors, big box retailers and small local businesses can both coexist in ways that benefit the other. Of course, both retail formats are different but by maintaining their core business models, the two can bank and leverage their strengths and still be open to synergistic relationships. During an episode of […]

Read More
Related
perimeter
Software & Technology
Perimeter Data is Transforming Security Operations from Reactive to Proactive
April 24, 2024
Healthcare
Forming Relationships with Industry Insiders Can Quell Sales Cycles and their Length of Time
April 23, 2024

New companies are facing more and more challenges in the security industry as sales cycles are experiencing lengthier times. One of those reasons is due to the complexity of the security industry itself, along with the unique and special business models every new company will come in with. But there is a solution to […]

Read More
Healthcare
Security Operations Improvements Will Come Via Worker Empowerment
April 23, 2024

The security industry can harness technological tools to optimize workflows and to help further enhance operational efficiency. Much of that can come via retooling, and educating, the labor force to enhance operations within security and control centers.  In an episode of MarketScale’s premier roundtable discussion show, Experts Talk, previewing major trends for ISC West […]

Read More