How UC in the Cloud Impacts Your Security Position
What's the risk with unified communications in the cloud?
There are a lot of concerns to address for executive security officers today, from increasingly worrisome Denial of Service (DoS) attacks to influxes of zero-day vulnerabilities. It’s fair to say that securing UC communications isn’t something that’s at the top of their list.
Traditionally, security for enterprises has focused on data. There’s a huge criminal community dedicated to the goal of stealing data or encrypting it and holding it to ransom. That’s why enterprises spend billions of dollars a year protecting their data with security devices and firewalls. Enterprises have begun to close down data doors, but maybe they’ve left a window open.
UC applications like video, voice, messaging, and file sharing travel over the same IP networks as data applications and are prone to the same attacks. Where UC applications differ is that they’re real-time applications using SIP to signal between endpoints and stacks.
What’s the Danger with UC?
UC security problems raise an enterprise’s level of risk by introducing theft of service, voice phishing, DoS, and Telephony Denial of Service attacks. Even next-generation data firewalls aren’t adequately built to protect SIP-based real-time solutions, and this is a serious concern. IBM’s Security Intelligence group has only recently revealed that cyber-attacks using VoIP grew in 2016, accounting for over 51% of the security issues analysed in that year.
Simply put, SIP protection requires the use of a Session Border Controller (SBC). As many enterprises adopt zero-trust security models, every application needs to be monitored, and SBCs can play important roles in enterprise communication by offering signalling interworking, intelligent routing, and media services to boost experience quality.
However, the primary function of SBCs is to protect the UC network from SIP attacks. With security features like protocol filtering, per-session awareness, encryption, and dynamic blacklisting, SBCs can prevent telephony-based attacks. Many enterprises today use SBCs as a UC firewall, and a tool to encrypt their assets. These premise-based solutions are intended to secure applications in the enterprise, but what happens when UC enters the cloud?
Moving into the Cloud
Statistics reveal that the number of VoIP and UC subscribers in the cloud will double in the next few years, to reach 75 million by 2020. The cloud, therefore, represents a much larger space, vulnerable to attack. Cloud-based services are made up of a range of VMs (virtual machines), and dozens of different microservices, each of which is equipped with its own API.
Any API or VM call could expose applications to potential breaches in security. That means that enterprises can’t rely completely on their cloud service providers to secure the UC connections that take place, particularly in compliance-restricted industries like healthcare and finance.
The broad nature of the cloud provides a range of attack points for hackers. Compared to on-premise solutions for UC, enterprises will have less control over security. That means that enterprises need to work harder to scrutinise their practices and ensure they’re protecting their networks appropriately.
The Importance of SBC
Just as enterprises should never connect their data network to the internet without firewalls, Session Border Controllers are essential to real-time SIP connections. However, not all SBCs are created equal. That means that you need to be cautious with your choices.
The cloud has proven itself to be the future for IT, and many enterprises have discovered that it’s the future of UC too. There’s a lot of value in UC as a Service, from unified messaging across various locations and devices, to cost stabilisation. According to analysts like Micro Market Monitor, the UCaaS market for Asia-Pacific is expected to grow by around $3.88 billion by 2020. Of course, UCaaS will require a different security solution to on-premise systems.
Cyber criminals are focusing more heavily on cloud-based platforms, and enterprises need to get proactive in defending against cloud attacks – specifically from under-secured vectors like SIP-based communications. The best approach may be to remember that moving applications into the cloud doesn’t always shift the security responsibility to your service host. To maintain the strength of their UC, enterprises need a holistic approach to security.