How to Protect Unified Communications Against Cybersecurity Threats

Sam
Sam O' Brien
Sep 10, 2020
cyber-security exposure protection remote work SaaS UCaaS unified communications
Share this post

A company’s relationship with the Internet is much like a marriage of convenience. If the pair were to have a child, it would be UCaaS. UC is the integration of business communication services across multiple devices and media types. So we’re talking about your phone calls, video conferencing, instant messaging, SMS, and email for example.

Very much like a vulnerable child, for UC safety is always an issue. Indeed, cyber attacks are most likely to go for your communication channels before anything else. Moreover, whether arriving via spam, first generation software, or phishing, attacks always spell bad news. As more and more companies deploy unified communications as their core contact centre technology, we must now understand how to defend it.

So what’s the best way to protect our beloved UC given it’s still relatively in its infancy? Well, we’ve shared some pointers in this post that should help you safeguard against attacks. 

The Growing Threat of Cyber Attacks on Business

With the business industry quickly moving UC online, and with customers becoming more digitally connected through the Internet of Things (IoT), cyber assets are now at greater risk than ever

Companies are logically making security a priority. A recent report by ESG Global found that 60% of organizations they surveyed were increasing their cybersecurity budgets this year. Furthermore, Cybersecurity Ventures states that cyber attacks are the fastest growing crime globally. It predicts that its damages will annually cost $6 trillion worldwide by 2021.

Source: Hackmageddon

In April of 2019, around 540 million of Facebook users’ records were exposed and published on Amazon’s cloud computing service. Within the same month, Facebook had also unintentionally made more than a million user emails public. 

Capital One was also a victim of a major cyber attack in March of the same year, when a hacker gained access to 100 million customer accounts and credit card applications. 100,000 Social Security numbers, 80,000 bank accounts, and an undisclosed number of credit scores, balances, and addresses were also compromised. These are just two of the largest cyber attacks in the last year, and new security threats continue to emerge at a rapid pace. 

Cybersecurity attacks can result in the disruption of networks as well as unified communications systems paralysis. They can cause irreparable damage to businesses, and can even go as far as causing military equipment failure and breaching of national security secrets. 

Because Cyber Threats increase exponentially every year, for most companies cyber attacks are no longer just a possibility, but an inevitability. So what can companies do to protect themselves? 

Invest in Employee Education 

A majority of cyber issues are a direct result of simple human error and judgement. According to EY’s Global Security Survey 2017, 74% of cyber attacks are due to careless or untrained employees. 

Scam emails and even weak or repeatedly used passwords are simple but effective channels for hackers. Phishing schemes are a recurring problem that employees continue to face, and most of them are ill-equipped to handle them. 

Cyber security policies and digital awareness must be put into practice to keep employees up-to-date on cyber security protocol. Businesses should invest in training programs and other relevant online learning tools  to educate their employees on what to do in case of a potential threat or attack. 

Create a Security Culture

A security-driven community culture also needs to be created within the company. 

With the growing use of remote work tools, and new kinds of cyber threats rising just as quickly, there must be a venue for corporate security experts and security teams to regularly meet and discuss how to stay ahead of potential attacks. 

A structure of different communication groups within the business must be put together to address the different technology platforms, whether through calling, messaging, or emailing. Larger companies should also consider having teams specifically responsible for streaming and social platforms. 

Maintain an Effective Configuration Management Database (CMDB)

Most companies overlook their CMDB, which makes their organizations more vulnerable to attacks. 

By not keeping a well-maintained CMDB, businesses are more likely to find difficulty in implementing security procedures. This will open the door to more mistakes, and cost the company more time and resources down the line. 

Reinforcing CMDB and keeping equipment up-to-date can help secure organizations from threats. 

Update Information Security Management System (ISMS) 

Having an ISMS won’t do a company much good if it fails to do its job when needed.

Since we’ve established that cyber threats are always present, companies must not be complacent in checking that their ISMS is performing the way it should. A review of the system should become a regular practice, and security policies and procedures must be adjusted and optimized according to current threats. 

Another thing to consider when assessing ISMS is reinforcing the network itself. Businesses should look into session encryption and spam blocking, and decide on the cloud architecture that best addresses their needs.  

Consider the National Institute of Standards and Technology (NIST)

The NIST, which is a physical sciences laboratory and non-regulatory agency of the United States Department of Commerce has presented a study listing guidelines to improve critical infrastructure cybersecurity. 

While these guidelines should be considered in its entirety, let’s focus on the 5 steps in its framework.

Source: NIST

Identify

The first step is to understand the current business infrastructure, and to identify any possible cybersecurity risks to its systems, people, assets, and data. 

Since Unified Communications are the easiest and most common targets, resources must be assessed to know the businesses’ capability to handle any cybersecurity risks in its most vulnerable areas. This will enable an organization to focus its efforts to its particular needs, and to implement the necessary safeguards and critical services to lessen the risks of a cyber attack. 

Protect

Layered security like antivirus softwares, firewalls, patch management, and password management should also be considered, depending on the company’s risk assessment and risk management strategy.  Data should also be backed up regularly

This can help limit and contain the impact of a potential cybersecurity breach. 

Detect

Because the risks of cyber attacks are so high, being able to detect and discover cybersecurity threats as timely and as quickly as possible is of utmost importance. Ongoing network monitoring should be implemented, devices should be protected, and detection processes should be developed. 

Companies should consider using multifactor authentication as well as encrypting hard drives. Up to date technologies and VoIP phones are essential in ensuring that networks and unified communications are not vulnerable to cyber attacks. 

Respond

Any security incident can become a crisis if not handled the right way. These should be treated depending on potential damage, and employees should be prepared and well-trained to address security threats in a timely and efficient manner. 

Companies must have an optimized crisis management process to lessen the impact and the damage of a cyber attack. Response planning must be prioritized and constant improvements must be made to be able to properly contain potential damage to as little of the company as possible. 

Recover

Strategies for recovery must be regularly discussed and updated in the event of a cyber attack. External partners like cybersecurity specialists and government organizations should also be tapped, depending on the scale and reach of damage. 

Recovery plans must be able to contain and reduce the impact of a cybersecurity breach, and restore normal operations in a timely manner.

Source: MindMajix

Why Companies Need to Act Fast

While the Internet provides many conveniences, it also has its consequences. With every development the Internet has to offer, cyber threats continue to meet them head on.

This is why businesses need to start putting more importance on their cybersecurity. Companies must be able to keep up with the evolution of cyber threats, which become more potent everyday.

While putting up defenses for cyber attacks may seem daunting, it is still possible. But priorities must be set, and a cybersecurity-culture must be created.

Sam O’Brien is the Senior Website Optimisation & User Experience Manager for EMEA at RingCentral, a Global VoIP, video conferencing and VoIP Server provider. Sam has a passion for innovation and loves exploring ways to collaborate more with dispersed teams. He has written for websites such as Socialnomics and TechNative. Here is his LinkedIn.

Follow us on social media for the latest updates in B2B!

Image

Latest

data-driven tools
Leverage Data-Driven Tools and Local SEO for Maximum Search Engine Rankings
July 26, 2024

As businesses continue to navigate the digital landscape, data-driven tools are more crucial than ever for effective SEO strategies. Understanding and implementing the proper SEO practices can make a significant difference with evolving algorithms and competitive markets. Given that 75% of users never scroll past the first page of search results, this statistic underscores…

Read More
On-device AI
On-Device AI is Today’s Tech Innovation, Competition and Market Leadership Driver
July 26, 2024

On-device AI revolutionizes the tech landscape, making it a critical factor for industry dominance. This cutting-edge technology directly integrates advanced AI capabilities into devices, transforming consumer and enterprise applications. This shift stems from the need for improved performance, reduced latency, enhanced data privacy & security, and personalized user experiences. With advancements in neural processing…

Read More
modern supply chains
The Role of AI in Modern Supply Chains: Insights from Aaron Hatfield at Arvist
July 26, 2024

Artificial intelligence rapidly transforms modern supply chains, with companies like Arvist leading the charge. In a recent episode of Hammer Down, hosted by Mike Bush, Aaron Hatfield, the Head of Sales at Arvist, sheds light on AI’s practical applications and benefits in enhancing supply chain operations. Is AI in the supply chain a double-edged…

Read More
semiconductor manufacturing
Training New Semiconductor Manufacturing Professionals is Key to Meet Coming Domestic Manufacturing Demand
July 26, 2024

Over the past few years, the U.S. has made significant strides in semiconductor manufacturing, driven by substantial investments and strategic policies. With the CHIPS Act expected to triple domestic semiconductor manufacturing capacity by 2032, the need for a skilled workforce is more urgent than ever. This discussion explores the key question: What does the…

Read More
Related
On-device AI
Software & Technology
On-Device AI is Today’s Tech Innovation, Competition and Market Leadership Driver
July 26, 2024
fire detection
Healthcare
How Fire Detection and Safety Technology is Evolving to Provide Peace of Mind to the Residential Community
July 9, 2024

The evolution of fire detection and safety technology is not just a luxury but a necessity. With modern homes built with materials that can burn faster than those of the past, the stakes are higher than ever. Research shows that 60% of home fires are due to human error, and 40% of people believe…

Read More
Hy-Tek
Healthcare
Hy-Tek’s Game-Changing Robotics and Automation Technologies Take Center Stage at Modex 2024
June 29, 2024

Hy-Tek Intralogistics, a leader in supply chain and distribution technology, showcased its state-of-the-art technology at Modex 2024, which took place between March 11 and 14 in Atlanta, Georgia. The trade show served as an ideal platform for Hy-Tek to showcase its advanced IntraOne platform, a robust set of technologies aimed at optimizing supply chain…

Read More