By Steve Regini
Companies must update security systems to address new mobile or cloud requirements while paying attention to policies. “When adding a private cloud, a security review is more important than ever,” says Marc Randall, senior vice president and general manager at Avaya Networking. “Get rid of policies that do not add value to the business and conflict with cloud use.
With unified communications (UC), protecting data and managing uptime is more complex because the technologies have not evolved in an integrated fashion, says Andy Zmolek, a UC security expert and director of technology partnerships at Divide, a mobile device management software provider. “There are lots of services that interact and many pieces that are being tied together by the vendor or by the IT department, which can make it harder to manage,” he says.
With IP telephony and UC, companies will need to spend more time testing failover scenarios and validating when they make changes to their systems to ensure that service levels remain high. “We used to only worry about managing redundancy across circuit boards,” Zmolek says. “Today, when switching to a software-driven model, it’s not always clear where redundancy should exist.
Latency is a related and common problem in managing UC applications, especially when outsourcing your systems to a cloud or other hosting provider. “Even a conference call between parties in the same building must still be aggregated in a data centre that could be hundreds or thousands of miles away,” Bennett says.
At the network layer, IT must ensure that devices connecting to the network are actually authorised devices, according to John Bartlett, a Principal at communications consulting firm NetForecast, Inc. “So, there is an issue of making sure that [the device] really is a phone, or that it really is a video conferencing endpoint, or that it really is a PBX, and there are a number of different methodologies for that,” Bartlett says.
Take, for example, the Angus Knight Group, an Australian staffing and e-learning company that managed several PABX phone systems before moving to IP telephony. “Our voice systems constantly were offline, and we needed to move to a standard telephony system that was more flexible and scalable and would provide a better return on investment,” says Greg Maginnity, infrastructure manager with Angus Knight.
In the public cloud, it’s easier for someone to gain access to administrator credentials from the web, says Zmolek. “Your vendor, however, can institute limits on the number of times one can enter incorrect administrator credentials, among other protections,” he adds.
Unplug equipment from the network or take a router or switch out of service to make sure that the UC system responds the way you expect. “It’s always better to learn the true redundancy limitations of your UC system in testing than wait to discover them in a real-world outage,” says Zmolek.
A high-quality UC-as-a-service (UCaaS) offering will enable sophisticated access control and prevent sharing of administrator accounts, says Zmolek. “Your organisation will spend more on having that separation, but keep in mind that not all software applications even enable it,” he warns.
Read more here: Business Spectator