Living on the Edge: The New Real-Time Communications Security Risks

Real-time communications Security Risks

As more and more people have been forced to work remotely due to the global public health crisis, collaboration platforms have unexpectedly saved the day for millions of businesses and allowed teams to continue to get work done and stay connected.

With so many of their employees working remotely, companies must also move their communications and sensitive data onto collaboration platforms, but at what cost? It is essential for organizations to understand that new security threats will surface and extra attention must be paid to securing not only data and infrastructure, but also Real-time communications.

Complience Cloud Risks

Real-time communications

The recent high-profile vulnerabilities on popular collaboration platforms like Slack and Zoom have many organizations keenly focusing their security efforts on preventing similar types of breaches. As more data is being processed outside of enterprises’ physical domains, and outside the core of the network, cybersecurity risks are skyrocketing – including the risk of real-time communications sessions (voice, data, messaging, video, collaboration, etc.) being compromised.

Potential threats include malware, denial of service (DoS), distributed denial of services (DDoS), viruses, worms and ransomware and more. As innovations, including voice to text conversion, can turn confidential conversations into easily searched and accessed data, it’s time to think more deeply about securing these vulnerable environments.

So, what can companies do to protect mission-critical data and information from malicious attacks? For a completely secure network environment, organizations should seriously consider adding unified communications (UC) analytics to their security stack. With sophisticated software and automation, they can leverage network behavioral analytics to detect and protect against bad actors.

Advanced UC Analytics Solutions

Advanced UC analytics solutions can determine how an organization’s communications system acts in the enterprise during different times of day, establishing a baseline of normal network operations. Irregularities can be detected, analyzed and mitigated as needed. By creating a baseline model leveraging analytics, security intelligence tools can identify threats in near real-time and then dynamically share bad actor policies and enforcement methods into the entire network.

Running behavioral network analytics against the UC network to observe and detect malicious activity enables organizations to turn data into actionable information. This information can, in turn, be consumed by a suite of security applications, including session border controllers (SBCs), to prevent fraud, robocalling and telephony denial of service (TDoS) attacks. UC analytics can also share security policy decisions with multiple vendor hardware and software solutions to lock down the network edge.

What traditional firewalls do for data, SBCs do for voice and video data, which is increasingly shared over IP networks. More often than not, SBCs are the first line of defense for voice and video endpoints because of their ability to detect suspicious or anomalous behavior and communicate between other devices, firewalls and technology within a network – an ability that firewalls alone do not have.

Beyond UC analytics and SBCs, here are a few more practical steps that organizations can implement to protect their employees and their networks against attacks:

  • Secure virtual collaboration platforms with the same high level of security policies and software that is used for securing email. Apply all software patches as soon as possible, including mandating updates to end-user devices.
  • Mandate two-factor or multi-factor authentication for all logins.
  • Continually educate employees on all corporate security policies. Ensure that corporate security policies are easily accessible to new and existing employees.
  • Modernize monitoring tools and technologies designed to spot sensitive data that might be exposed; securing cloud-based applications is completely different from traditional premise-based or distributed VPN services.

Investing in a UC analytics solution along with proven applications like SBCs, complemented by sound security measures, will go a long way in protecting organizations against an expanded threat vector in a post-pandemic world when more employees will be working from home than ever before.

By Patrick Joggerst

Jim Fagan

Behind The Headlines: Capacity For The Rest Of Us

Capacity For The Rest Of Us We live in the connected age, and the rise of cloud computing that creates previously unheard of value in our professional and personal lives is at the very heart ...
Gamestop NFT

Could GameStop Issue An NFT Dividend?

NFT Dividends A Non-Fungible Token (NFT) is a piece of data that is stored on a blockchain that certifies a digital asset to be unique. An NFT can represent pictures, videos, GIFs, audio and other ...
Doug Hazelman Cloudberry

Managing an Increasingly Complex IT Environment

Managing Complex IT Environments The hybrid work model is here to stay—at least for the time being. That’s how things feel in these still uncertain times. This new way of work that has evolved from ...
Derrek Schutman

Implementing Digital Capabilities Successfully to Boost NPS and Maximize Value Realization

Implementing Digital Capabilities Successfully Building robust digital capabilities can deliver huge benefits to Digital Service Providers (DSPs). A recent TMForum survey shows that building digital capabilities (including digitization of customer experience and operations), is the ...
Derrek Schutman

Providing Robust Digital Capabilities by Building a Digital Enablement Layer

Building a Digital Enablement Layer Most Digital Service Providers (DSPs) aim to provide digital capabilities to customers but struggle to transform with legacy O/BSS systems. According to McKinsey research, 70% of digital transformation projects don’t ...

CLOUD MONITORING

The CloudTweaks technology lists will include updated resources to leading services from around the globe. Examples include leading IT Monitoring Services, Bootcamps, VPNs, CDNs, Reseller Programs and much more...

  • Opsview

    Opsview

    Opsview is a global privately held IT Systems Management software company whose core product, Opsview Enterprise was released in 2009. The company has offices in the UK and USA, boasting some 35,000 corporate clients. Their prominent clients include Cisco, MIT, Allianz, NewVoiceMedia, Active Network, and University of Surrey.

  • Nagios

    Nagios

    Nagios is one of the leading vendors of IT monitoring and management tools offering cloud monitoring capabilities for AWS, EC2 (Elastic Compute Cloud) and S3 (Simple Storage Service). Their products include infrastructure, server, and network monitoring solutions like Nagios XI, Nagios Log Server, and Nagios Network Analyzer.

  • Datadog

    DataDog

    DataDog is a startup based out of New York which secured $31 Million in series C funding. They are quickly making a name for themselves and have a truly impressive client list with the likes of Adobe, Salesforce, HP, Facebook and many others.

  • Sematext Logo

    Sematext

    Sematext bridges the gap between performance monitoring, real user monitoring, transaction tracing, and logs. Sematext all-in-one monitoring platform gives businesses full-stack visibility by exposing logs, metrics, and traces through a single Cloud or On-Premise solution. Sematext helps smart DevOps teams move faster.