There are a lot of concerns to address for executive security officers today, from increasingly worrisome Denial of Service DoS attacks to influxes of zero-day vulnerabilities. Itβs fair to say that securing UC communications isnβt something thatβs on the top of their list.
Traditionally, security for enterprises has focused on data. Thereβs a huge criminal community dedicated to the goal of stealing data or encrypting it and holding it to ransom. Thatβs why enterprises spend billions of dollars a year protecting their data with security devices and firewalls. Enterprises have begun to close down data doors, but maybe theyβve left a window open.
UC applications like video, voice, messaging, and file sharing are transmitted through the same IP as data applications, and prone to the same attacks. Where UC applications differ, is that theyβre real-time applications using SIP to signal between endpoints and stacks.
Whatβs the Danger with UC?
Problems with UC security expand on an enterpriseβs level of risk by introducing theft of service, voice phishing, DoS, and Telephony Denial of Service attacks. Even next-generation data firewalls arenβt adequately built to protect SIP-based real-time solutions, and this is a serious concern. IBMβs Security Intelligence group have only recently revealed that cyber-attacks using VoIP grew in 2016, accounting for over 51% of the security issues analysed in that year.
Simply put, SIP protection requires the use of a Session Border Controller (SBC). As many enterprises adapt zero-trust models in security, every application needs to be monitored, and SBCs can play important roles in enterprise communication by offering signalling interworking, intelligent routing, and media services to boost experience quality.
However, the primary function of SBCs is to protect the UC network from SIP attacks. With security features like protocol filtering, per-session awareness, encryption, and dynamic blacklisting, SBCs can prevent telephony-based attacks. Many enterprises today use SBCs as a UC firewall, and a tool to encrypt their assets. These premise-based solutions are intended to secure applications in the enterprise, but what happens when UC enters the cloud?
Moving into the Cloud
Statistics reveal that the number of VoIP and UC subscribers in the cloud will double in the next few years, to reach 75 million by 2020. The cloud, therefore, represents a much larger space, vulnerable to attack. Cloud-based services are made up of a range of VMs (virtual machines), and dozens of different microservices, each of which is equipped with its own API.
Any API and VM call could expose applications to potential breaches in security. That means that enterprises canβt rely completely on their cloud service providers to secure the UC connections that take place, particularly in compliance-restricted industries like healthcare and finance.
The broad nature of the cloud provides a range of attack points for hackers. Compared to on-premise solutions for UC, enterprises will have a smaller grasp over security control. That means that enterprises need to work harder to scrutinise their practices and ensure theyβre protecting their networks appropriately.
The Importance of SBC
Just as enterprises should never connect their data network to the internet without firewalls, Session Border Controllers are essential to real-time SIP connections. However, not all SBCs are created equal. That means that you need to be cautious with your choices.
The cloud has proven itself to be the future for IT, and many enterprises have discovered that itβs the future of UC too. Thereβs a lot of value in UC as a Service, from unified messaging across various locations and devices, to cost stabilisation. According to analysts like Micro Market Monitor, the /unified-communications/ucaas market for Asia-pacific is expected to grow by around $3.88 billion by 2020. Of course, UCaaS will require a different security solution to on-premise systems.
Cyber criminals are focusing more heavily on cloud-based platforms, and enterprises need to get proactive in defending against cloud attacks β specifically from under-secured vectors like SIP-based communications. The best approach may be to remember that moving applications into the cloud doesnβt always shift the security responsibility to your service host. To maintain the strength of your UC, enterprises need a holistic approach to security.
Β
