The Critical Role of Security in Unified Communications

by Austin Herrington
October 03, 2018

Integrating voice, chat, video/audio conferencing, faxing, and email, unified communications (UC) delivers a wealth of advantages in productivity and collaboration. These gains however, also come with security challenges and industry standards that must be met for a thoroughly sufficient UC implementation.

When it comes to security and compliance requirements for unified communications, deploying layered-defense counter measures are the best approach to ensuring proper protection. Here are some key considerations to look for from your unified communications solution and your provider.

Unified communications security

Industry-specific considerations

When considering any potential unified communications as a Service (UCaaS) provider, it’s important to explore capabilities regarding all applicable privacy regulations – and look for a high-level of compliance assistance. For example, healthcare providers should seek a UCaaS provider that will sign a Business Associate Agreement (BAA), which signifies an active role in ensuring your own compliance with HIPAA regulations.

Overall security considerations

Beyond the above industry considerations, every enterprise seeking to move to UCaaS should ensure four critical security considerations are fully covered:

  • Database security. Will your information be stored in secure servers? Where are they located? Are they backed up in equally secure locations/environments?
  • Access security. Do you leverage carrier-grade firewalls? What type of access controls do you leverage for users, applications and service accounts? Are you leveraging strong authentication capabilities and performing access reviews periodically? Stringent authentication and authorization guidelines are essential to protecting sensitive information and aligning to regulatory standards.
  • Communication security. Are your calls, messages, and meetings going to be encrypted? That’s an absolute requirement for thoroughly protecting information while in transit. Will call recordings and messages be encrypted? Are there regulatory requirements effecting your company that dictate a standard of care and protection?
  • Continual upgrades. One of the key benefits of any cloud-based solution is the ability for the service provider to continually update software versions and security patches. What does the UCaaS provider do to ensure that the UC environment is always optimally secure?

Pairing UCaaS security with network security

For an ideally secure UCaaS implementation, look for a provider that can pair a robust UC solution with a reliable and secure data connection and/or SD-WAN overlay. This will bolster performance by transmitting encrypted calls, messages, and meetings over a QoS-enabled and SLA-backed design, so that critical voice calls aren’t competing for bandwidth against general Internet traffic. This will also allow you to modify firewall and security policies by location for maximum control of critical network and UC functions.

In short: A satisfying UCaaS implementation requires much more than combining all forms of communication and collaboration. It requires making sure that they are securely designed, operated and unified.