Join Focus

Connect with the world's leading business experts.

Get instant access to their expertise via world–class Q&A, Research, and Events.
×
0

Unified Communication Security

I am wondering how to best mitigate legal discovery risks introduced with voice messaging. I don’t know enough to assess if this is “false perception” or reality with regards to discover-ability and how to mitigate. We have a business integration needs (serving 50,000+ employees) halted by concerns from legal and I’m looking for expertise/information to help the business come to terms with an acceptable solution knowing we are not the first (e.g. unified messaging).
Topics
Information Technology
Unified Communications
Polak, Jonathon
Answer This Question
Jonathon Polak
asked on Oct. 27, 2009
  • Recommended by:
0
Stefano Della Valle - Hitcast
Posted on Nov. 3, 2009
  • Recommended by:

Hi Jonathon,

we have long experience in UC solution for mission critical application, where the infrastructure and content security are very important. We serve large private and gov organizations worldwide.

I guess that the risk is real and the UC solution have to guarantee the customer the maximum protection.

In particular I see three kind of risks:
- the simple and always actual risk to be intercepted on the path of the communication
- the risk to have my identity stolen allowing some one to take my reole
- the risk of open my organization to the outside world and loose control of what is going out and coming in.

Therefore a UC solution, from my point of view, have to offer these basic features:
- Be served based, not peer to peer
- Be naturally closed form the outside world, offering controlled gateways
- Encrypt the the communication flow, end to end, with high level algorithm (AES 256 + SSL)
- Grant high level authentication (better if strong authentication), authorization profiling (who can talk call to, ...) and detailed accounting
- Integrate with the organization directory to reduce the impact of managing long list of users and profiles and inherit the authentication policy.

Regarding the legal aspect, we never found specific issues, due to the fact the communication supported are private. Legal interception can be operated on the gateway that, normally, open the infrastructure to the outside world.

For any additional information do not hesitate to contact me.

Regards, Stefano

Reply to this answer

Answer This Question

Events

Related Activity

Apurv modi
Apurv modi commented on
Top IPTV Providers
6 hours 27 minutes ago
Robert Keahey
Robert Keahey answered
Poll: What smartphone technology do you use?
Feb. 11, 2012
Andrew Baker
Andrew Baker answered
Are SMB's performing and documenting security risk assessments?
Feb. 11, 2012
Robin Goodchild
Robin Goodchild answered
Google has offered to pay users to track their web activity by the minute. What are your thoughts on this?
Feb. 10, 2012
Theresa Kramarz
Theresa Kramarz answered
What factors affect the perception of ERP implementation success, ranked by importance?
Feb. 10, 2012
Laurence Ledford
Laurence Ledford answered
Salesforce.com is partnering with Infor and Workday. How will this shift the ERP industry?
Feb. 10, 2012
Marc Verdi
Marc Verdi asked
What are some reliable virtual PBX service providers?
Feb. 10, 2012
Wayne Spivak
Wayne Spivak answered
How do you boost adoption of business software?
Feb. 10, 2012
Wayne Spivak
Wayne Spivak answered
For businesses, what are the downsides to increasing automation in the U.S. workplace?
Feb. 10, 2012
Shawn Rogers
Shawn Rogers is speaking at
BI's Intersection with Social Media
Feb. 10, 2012