Cloud-Based Security for UCaaS Explained
How secure is the cloud? Is moving a telecommunications system from on-premises to the cloud risky? Can a cloud-based system provide enough security and safety to meet regulatory requirements?
A cloud-based system isn’t inherently more or less secure than an on-premises system. But by asking the right questions and following industry best practices, a cloud-based system can be as secure, or even more secure, than an on-premises system.
In many cases, the greatest vulnerability in any system is the users. One employee clicking on a link in a phishing email can undermine even the most secure system.
Employee training is a critical part of keeping any system safe and secure. Make sure that employees know about phishing emails and other ways that hackers attempt to trick people into giving up sensitive information, such as passwords.
Remember, any system that can be accessed via the internet is vulnerable if an employee compromises security.
Ask the right questions
Not all telecommunications platforms and set-ups are created equally, especially when it comes to security.
The best practice is to build a system on a private network using a platform that receives regular security updates from a conscientious vendor.
Unfortunately, that isn’t the least expensive way to design a cloud-based system. In many cases, especially in a competitive bidding situation, vendors will recommend (or a company will choose) a multi-tenant system.
In a multi-tenant system, different clients will share servers, applications, and operating systems. That lowers costs for everyone. But it also means that the system has many areas of vulnerability. A mistake by someone at another firm can compromise the entire system, causing a global outage that affects all customers on the shared platform.
Other clients can’t see your data, but shared servers are inherently less secure than independent, single-instance systems. Should the system go down or become compromised, every customer’s data is affected. You also have no control over when operating systems and applications are updated.
If a vendor recommends a multi-tenant system, ask tough questions. How does the vendor keep the entire system secure? How does the vendor segregate data and other information to ensure that a data breach for one client won’t affect others as well? What safeguards are in place? How often and how thoroughly does the vendor test the system? Are security patches, system/application updates, and other safeguards added in a timely fashion? How are updates managed to minimize disruption? If a software company releases a security update, will a vendor apply it right away?
Add Privacy and Encryption
Another best practice is to incorporate strong encryption throughout the entire telecommunications chain. Voice, email, and other data should be encrypted from each device (laptop, phone, or other soft client) all the way to the system and back again.
For clients that use a public service, VOIP Networks installs SD-WAN appliances with next-generation firewalls and follows industry best practices to encrypt client networks down to the end site. We put critical customers with major security requirements in 100% private cloud systems for maximum security.
Before choosing a vendor, ask about encryption. Is it end-to-end? Ask what perimeter security the vendor uses to keep the platform secure. Make sure no applications or communications are exposed at any point in the process.
Look at the System
VOIP Networks uses the Mitel platform, which features proprietary security protocols that provide industry-best call control with encryption.
Many carriers use Secure Real-time Transport Protocol (SRTP), a system that was first developed in 2004. Because hackers have had years to find vulnerabilities, make sure any vendor using that system implements the latest security measures.
Security is often the result of asking the right questions and performing thorough due diligence. Done correctly, a cloud-based system can be as safe and secure as any other.
VOIP Networks designs and manages UCaaS systems that adhere to all the best practices for cloud-based telecommunications. For more information, or to discuss your communications needs, please contact us.