By Billy Chia, Technical Marketing Specialist, Digium
Unified Communications (UC) presents unique security challenges because it brings disparate technologies, such as VoIP, video, chat, email and presence, together into one unified messaging system. As the technology has become more complex and more accessible from the public Internet, the security threat has increased. While large businesses can dedicate substantial resources toward securing their communications, SMBs need solutions that are both effective and simple to manage security.
Here are seven best practices that can help SMBs keep communications flowing.
1.) Deploy a Properly Configured Firewall: A general rule of thumb is to block all unknown traffic into the network and only allow traffic from trusted sources. This strategy doesn’t usually work well for a Web server, but a UC server should absolutely be sequestered behind a firewall. Surprisingly, many SMBs don’t deploy a firewall or they deploy a firewall but open ports to all networks to allow remote users. This is almost the same as having no firewall at all. Although some UC servers have built-in attack mitigation mechanisms, these should not be solely relied upon. A firewall is designed to sort traffic; a UC server is not. Using each device for its intended purpose will keep the network the most secure.
2.) Enable a VPN for Remote Users: Many SMB networking devices, such as routers and firewalls, come with built-in Virtualized Private Network (VPN) capability. Quality VPN devices are now available at affordable prices. For remote users, and while connecting remote SMB offices, the simplest option is to deploy a VPN device at both ends. The connected devices form an encrypted “tunnel” over the public Internet. This “virtual” network keeps all traffic safe.'
3.) Use Strong Passwords: An overlooked security measure, strong (system) passwords should be used for every password required in a UC solution. Business VoIP phones should especially be protected by unique strong Session Initiation Protocol (SIP) passwords. Keep in mind that re-used passwords or weak passwords make it easy for an attacker to get access to SIP credentials. Once authenticated with a SIP account, an attacker can make calls as though they were using that phone – including toll calls that could result in high fees. Another area of concern is user passwords. If a UC solution requires a user login, then SMBs will want to ensure that they require strong passwords for users.
4.) Update Regularly: A standard security best practice that is almost universal to all technologies is to keep software up to date. As well as obtaining bug fixes, keeping software updated helps improve security. As potential exploits are found, security patches are then released as software updates. The most recent version is typically the most secure. Whenever a UC server is updated it’s important to follow the best practices for updating. Be aware of what has changed and how the update could impact the system; backing up the system first and performing the update during a scheduled maintenance window also helps to ensure users will have access to the system when they need it.
5.) Turn Off Unused Services: Another standard practice is to turn off any unused services. If a feature is not being used it should be shut down to lessen the potential attack surface. Not only does this improve security, but this will also improve performance as there will be less protocol traffic on the network and the server will be less taxed because it’s doing less work.
6.) Monitor your Call Logs: Often attacks go unnoticed until a great amount of damage is done. By regularly reviewing system logs, damage can be mitigated by catching the attack and taking action early. In particular, running regular call log reports on toll calls made by the system can help create a baseline for normal activity. SMBs will be able to notice when activity exceeds this baseline signaling that the system has been compromised. SMBs can investigate further by looking at the call logs.
7.) Use Built-in UC Security Tools: The best way to secure UC devices is to use dedicated security equipment like VPNs and firewall routers. However, taking advantage of built-in security tools can add an extra level of protection. The blocked IPs tool will block IP addresses that fail multiple registration attempts. In theory, a properly configured firewall should prevent SIP scanners from being able to reach a UC sever; however, this additional level of security adds peace of mind and works as a functional back-up to round out a security suite.