Author: WJaegel | Total views: 4 Comments: 0
Word Count: 847 Date: Thu, 24 Jan 2008 8:07 AM

The Value of Secure Unified Communications Technologies for Improving End User Productivity

Unified communications refers to the real-time redirection of a voice, text or email message to the device closest to the intended recipient, at any given time. For example, voice calls to desk phones could be routed to the user's mobile telephone when required. Email intended for a desktop mailbox could be sent to the user's PDA or turned into speech for a phone message.

In the survey targeting 390 IT managers/decision makers and 524 IT users from 13 countries in Europe, North America, Asia Pacific and Middle East & Africa, respondents were asked about their perceptions of the inherent levels of security and potential risks associated with unified communications.

Based on the results of those questions, this document aims to provide more clarity on the actual risks associated with unified communications technologies and give practical advice for remediation.

The security of unified communications
In the survey, both IT managers and IT users were asked about their perceptions as it relates to the security of unified communications. The majority of IT users (52%) perceive unified communications to be as secure as most other ICT technologies. IT managers take a slightly more cautious view, with 31% believing that it is as secure as other ICT technologies.

Eighteen percent (18%) of IT managers feel that unified communications is moderately secure, while 16% believe it to be moderately risky. This result indicates that IT managers are aware of the new risk types that are associated with unified communications, while IT users are probably reasonably unaware of the risks they and their organizations might be exposed to when using communications technologies other than email.

Technology risks
IT managers were asked to indicate which unified communications technologies they believe posed the greatest risk to the organisation. Instant messaging (IM) received the highest risk rating. This could be attributed to the high levels of public IM penetration into corporate environments.

The research indicated high levels of public IM use for private and business purposes amongst end users surveyed. Enterprise mobility and PDAs also received high risk ratings. This indicates that IT managers are concerned with technologies that are harder to control, given the high level of end user penetration and limited organizational policies or procedures around these technologies in the corporate environment.

This trend is often referred to as "consumerisation of IT", where IT users bring new technologies and devices that they perceive as useful business tools that contribute to their levels of productivity into a corporate environment, without policies and guidelines for their usage. Categories of Risk Broadly put, IT managers identified and rated 3 categories of risks in relation to unified communications :

Theft of Service :
This includes toll fraud, device theft and identity theft and implies the unauthorised use of services, such as conference bridges, or the theft of identity.

Denial of Service :
This includes denial of service (DoS) and disguised attacks. It implies a deliberate or accidental attack against services and applications that render them unusable for IT users.

Privacy and Compliance :
This focuses on interception of communications and impacts the confidentiality and challenges associated with conforming to corporate compliance policies and legislation. Apart from the constant battle against unsolicited email (spam), the two biggest challenges identified by IT managers in the survey were to provide a reliable (not exposed to DoS) and secure (no exposure to identity theft) service to IT users.

Other considerations :
With a trend towards the "consumerisation" of IT, new technologies and services are being adopted faster than ever. New generations of end users are experimenting with emerging technologies like IM, internet telephony and blogging at home, and expecting to use them in the office environment.

Despite this fact, many IT users are oblivious to the new threats that these technologies bring about. IT user education research into unified communications indicates that IT users respond to the familiar threats (those that have become familiar in the context of email over the past few years) and do not immediately associate new communication channels with new risks.

Their primary concern is reserved for the threats targeting the very availability and functionality of an IT system (viruses, attacks), while annoyances, such as spam or call interceptions, are considered secondary concern. A common mantra in the security
industry is that of People, Process and Technology.

All the technology and policy in the world is no substitute for IT user education and change management. The research shows that IT users still perceive the biggest security risks to come from email, and give little consideration to theft of service, identity theft and eavesdropping.

Putting unified communications technologies in the hands of IT users who are unaware of risks and corporate policies is likely to result in any benefits being offset by the increased risk and security threats within a corporate environment. Only with proper awareness and education, will IT users derive the maximum benefit from UC while also containing security risk.

About the Author

Datacraft is the leading independent IT services and solutions company in Asia Pacific. Datacraft combines an expertise in networking, security, Microsoft solutions, storage and contact centre technologies, with advanced skills in consulting, integration and managed services, to craft IT solutions for businesses.

Rate, comment or bookmark this article

Seed Newsvine

Bookmark this article in your preferred program

Comments

No comments posted.

Add Comment

HTML code

Popular Articles in this cathegory

1: Beware The Anti Virus Scanner Scam!

Certain anti virus programs are not what they seem to be. Some of them are nothing more than elaborate ways to steal precious personal information from the unwary. Do you know how to spot them?

2: Importance of Network Security System

In today's technologically advanced world, computers play a dominant role. No matter you are at work, in studies at college or school, or just enjoying a leisurely time in your home, it is certain that you may either switch on your computer or any other related state of the art devices. The importance of computer is further enhanced by increased usage of the internet.

Regardless of your business sector size of your company, employee theft has happened and will occur in the future. Theft can be in the form of proprietary information, data, company supplies (not a pen), cash, stock manipulation, and the list is endless. However there are some common covenants that should be in place. Policy and procedure is important to running a small business or multimillion dollar corporation. They are the rules of the road. There cannot be a more important set of guidelines than how employee theft is handled within the company. Here are some suggestions regarding employee theft awareness, investigations and prevention. All policies should be reviewed by a Human Resource professional and a Labor Attorney before implementation.

4: The Dirt On MySpace's & Facebook's Safety, Security & Privacy

The safety, security & privacy issues of MySpace and Facebook are closely examined and some disturbing trends are revealed.

5: Your Computer Is Running A Little Slow

A great way to find and remove spyware is to run a spyware detector and remover, because most spyware detection and removal software today offers a free scan to verify that you do or do not have spyware on your computer.

This article is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 3.0 License.