Companies ignoring unified comms security

Companies are leaving their unified communications (UC) systems wide open to hackers, newly published research claims.
The biggest problems arise from the improper or incomplete use of security features, according to the latest report from Light Reading's VoIP Services Insider.

"Vendors are putting technologies in place to provide protection from existing and impending threats," said Denise Culver, a research analyst at Light Reading.

"But the likelihood of a major and successful attack on UC systems is growing for one simple reason: end user failure to implement security techniques properly.

"Simple measures such as encryption are not used by customers, even though their UC platforms enable such protection.

"This leaves vendors to wonder what kind of disaster must occur before enterprises realise the need for implementing the security measures on their UC platforms."

Culver added that, while UC services run by service providers appear to be less prone to attack because security measures are more likely to be deployed properly, end-user misuse could trickle up to affect larger UC installations.

"Vendors are working diligently to build more security into their UC platforms, teaming up with third-party security experts and, in some cases, with vendors that normally would be considered competition," she said.

The report also noted that enterprise users represent the most "glaring point of vulnerability" regarding potential UC security breaches.

However, Culver noted that third-party specialists in UC security are emerging to secure UC applications, even with vendors that already have security measures in place.