The shift towards hybrid workforces in recent years has forced IT teams to reassess their legacy unified communications platform security strategies. In the years leading up to 2020, the emphasis was primarily on perimeter-based security to protect sensitive business communications from external threats. While this remains crucial, it does not address the security risks associated with UC data flows conducted outside the secure confines of the corporate LAN.
One key consideration for IT teams is the adoption of cloud-delivered security tools known as Secure Access Service Edge (SASE). This innovative framework integrates firewall, secure web, and zero-trust network access into a cloud service, enabling users to securely connect to their organization’s network from any location, whether it be at home or in the office.
With the increased prevalence of hybrid workforces, businesses, especially those managing customer contact centers, have had to reconfigure their in-house UC and collaboration platforms to accommodate remote work policies. Due to substantial investments in existing UC platforms, many organizations found it impractical to transition to cloud-based solutions. Consequently, security considerations took a backseat as architects had to work with the tools at their disposal.
The rapid transition to support hybrid workforces also heightened concerns around the security of session border controllers (SBC) exposed to the internet. SBC servers, typically deployed in a secure demilitarized zone, are susceptible to security breaches that could allow bad actors to move laterally within the network, compromising additional systems and applications.
In response to these challenges, IT teams are exploring modern on-premises UC security options specifically tailored for hybrid workforces.
-
Virtual desktop infrastructure (VDI) offers a secure alternative to traditional VPNs, mitigating vulnerabilities associated with personal devices used to access business UC services. VDI platforms employ cybersecurity and encryption techniques to securely transport traffic over the internet, eliminating concerns about using personal devices for UC services.
-
Zero trust with microsegmentation provides a robust security framework for UC services, such as SBCs, exposed to the internet. By enforcing strict user and device verification and implementing microsegmentation to restrict lateral communications, organizations can significantly reduce their cybersecurity risk.
- SASE has emerged as a popular choice among businesses looking to bolster the security of latency-sensitive UC and contact center applications. Third-party SASE providers offer features such as distributed firewalls, intrusion detection and protection systems, secure web filtering, and other essential security functions designed to protect UC without introducing excessive latency.
In conclusion, as the hybrid workforce trend continues to evolve, it is imperative for IT teams to reassess their UC security architectures and explore modern solutions to combat evolving security threats effectively. By adopting innovative security frameworks like SASE and implementing best practices such as zero trust and microsegmentation, organizations can better protect their UC environments and mitigate cybersecurity risks.
Author: Andrew Froehlich, Founder of InfraMomentum and President of West Gate Networks, brings over 20 years of experience in enterprise IT to the table.