How to secure your UCaaS solution

An increasing number of businesses are adopting cloud delivery models for their enterprise communications. But with the prevalence of data breaches, companies must adopt proactive cybersecurity measures, too

  • By John Loftin, Head of Unified Communications, Powwownow | Tuesday, August 28th, 2018

The cloud delivery model for enterprise communications brings together a number of technologies in order to support a more flexible and scalable working approach

The rate of development of unified communications-as-a-service (UCaaS) solutions has moved at pace in recent years. This cloud delivery model for enterprise communications brings together a number of technologies – such as instant messaging, voice-over-IP telephony, email and webinars – to support a more flexible and scalable working approach.

While it is predicted half of all business will move to hosted solutions by 2020, cybersecurity measures aren’t necessarily set to keep pace. According to the Breach Level Index, more than 9.7 billion data records have been lost or stolen globally since 2013 as a result of data breaches and cybercrime, and there is little to suggest this number won’t rise in the future.

Cloud-based solutions involve data that is subject to the same risks as any other kind of data, and need to be protected against breaches, denial-of-service attacks, malware and other cyberthreats. Consequently, it is vital to adopt vigilant and proactive security measures for the benefit of staff, customers and businesses.

Check your supplier
If a vendor has an ISO-27001-compliant, information-security-management system in place, it is highly likely to be in accordance with the EU’s General Data Protection Regulation (GDPR). However, it is still important to check the supplier’s GDPR policies to determine what customer data will be held, as well as where and how it will be stored.

You must also discern whether fraud protection is built into the supplier’s solution. A hosted solution means it is your supplier’s responsibility to maintain the service level agreement that has been offered, but it is the customer’s responsibility to make sure the hosted company has these policies in place.

For a lot of customers, the risk level on a hosted system is lower than on their own private branch exchange solution, as call data is held by the supplier on servers rather than by the end customer. What’s more, the supplier will typically have access to a number of highly trained security specialists who would otherwise be too expensive for SMEs to employ themselves.

Find out whether your cloud-service provider’s policy on end-to-end encryption guarantees that communications data is encrypted at every stage of the process

Educate your users
Teach users to recognise a secure hotspot to work across. Users need to know whether the data they are sending – or the call they are making – is confidential and, if not, how to secure their hotspot accordingly.

Encourage users to add applications onto their mobiles where they can so that call traffic stays on your system and not the end user’s.

Stay up to date
One common way for hackers to get into a system is through vulnerabilities or loopholes in outdated equipment or applications, with older versions of apps often possessing bugs that can be exploited.

To solve this, make sure your software is up to date, pay attention to usage alerts and ensure you can redeploy licences. You should also save information elsewhere by performing regular backups of the entire system.

Monitor systems
Many businesses don’t know they’ve been breached or attacked until it is too late to react. Check your solution has tools and applications for monitoring your network and ensure you have these checks in place so you can detect an intrusion as soon as it happens.

Strengthen authentication controls
Ensure all employees understand password and authentication controls, and that no device still uses the default password it was set up with.

Having strong passwords is an easy way to maintain safety, so we suggest changing your password regularly and using a minimum of 16 characters, including numbers and symbols, as well as a mix of uppercase and lowercase letters.

Don’t use password generators, as they often recycle old passwords that hackers might know.

Ensure data is encrypted
All cloud-service providers should use hypervisor technology to divide physical server space into isolated virtual packets. However, you should still check your cloud-service provider’s policy on end-to-end encryption; find out whether it guarantees that communications data is encrypted at every stage of the process, from the data centre right through to the end users’ devices.

Adapt firewalls and security software
A standard firewall will not safeguard a modern integrated UCaaS system, since there will be numerous holes in your network security. To solve this, a number of UCaaS solutions harness session border controllers within the carrier network and provide on-net connectivity between the hosted-voice provider and the end user.

This means call traffic does not go across the public internet at any point, significantly improving the security of the network. Strong anti-malware features should also be in place to protect information and defend against a loss of productivity due to spam or viruses.

Ensuring UCaaS solutions are safeguarded with the appropriate security measures means businesses can enjoy safer, more efficient working practices.