Ever since voice systems moved onto IP networks, we’ve known that security would become a much bigger issue for the enterprise communications industry. Experts have been warning about it, and many industry observers have been expecting the other shoe to drop. And while there certainly have been innovative and scary exploits of VoIP systems and devices already, the industry as a whole has been slow to really sit up and take notice. But we’re seeing at least some signs that enterprise communications security is starting to get the attention it’s due.
Last month, researchers at Microsoft’s Threat Intelligence Center warned governments and other organizations around the world that the Russian hacking group Strontium or Fancy Bear—the group blamed for the 2016 election hacks—had been accessing corporate networks through a number of Internet-connected devices including VoIP phones. In announcing the findings, Microsoft published a list of 12 recommendations, centered around the need to tighten policies, auditing, monitoring, and management.
This higher level of security is likely to require a cultural change within enterprise IT, according to Kevin Isacks, VP of edge products at Ribbon Communications. On a recent call with the EC editorial team, Kevin pointed out that, just as communications people tended not to think much about security, likewise the security teams didn’t really understand voice, and believed nothing ever happened there that concerned them.
Microsoft’s warning is a dramatic indication that this gulf needs to be bridged. Communications teams need to build security best practices into their deployment and management routines; and security groups need to pay attention to what’s happening with the communications network.
If the specter of a VoIP-enabled security breach isn’t enough to motivate all sides to come together, there’s always the ultimate motivator: money. When your communications network and devices are breached, the hacker may not be after your corporate data—they may be engaged in today’s iteration of the old security bugbear: toll fraud. IP networking has given fraudsters lots of new, creative ways to engage in one of the oldest telephony attacks in the enterprise world.
However, one point Kevin made in our conversation is that the kinds of advanced analytics we’re seeing today can also be a powerful tool for enterprise communications security. Analytics offer better, faster ways of knowing when an attack is under way, and detection on any device at any location can trigger an automated network-wide response.
Our network security sessions at Enterprise Connect Orlando last March were packed, and we think this is a topic that will continue to grow in interest and importance as we plan EC2020. In the meantime, you can learn more about enterprise communications security by joining an Enterprise Connect webinar next week: Conquering Toll Fraud with Analytics. The session, sponsored by Ribbon, will feature Irwin Lazar of Nemertes Research as our analyst speaker. I hope you can join us.