Cisco Unified Communication Manager Evolution

– Is your Security up to the Job?

So How Good is Your Security?

Security is only as good as your weakest link. Your weakest link could be your people, processes, or technology. Enterprises still take and store credit card details for financial transactions. Many company’s processes may allow customer data to be sent around in unsecured spreadsheets and media. Some contact centers run on older technology with phones that don’t support the latest security protocols.Whether you have an e-commerce site, contact center with automated credit card processing or sales agents on the phone, or even if you store customer data and payment details; you need to lock down every aspect that may handle this data. Encrypted data and access restriction are examples of appropriate measures to reduce the probability of a data breachYou need to keep up with security updates to leverage the best tools to lock down your environment. Failing to properly secure your network can result in data breaches which may entail fines along with the impact to your customer’s trust and your brand reputation.Are you Doing Enough?
Are the minimum recommended requirements enough. Is your business doing enough? Do you have a security strategy? Do you have a security program that is regularly tested? Do you use the appropriate technology? Are you being complacent without realizing?

You need to:

Regularly test your organization’s people, processes and technology.

Continually assess your exposure.

Every individual in the organization (including the ones in the management of the technology) needs to be fully aware of their responsibilities.

Ensure that your collaboration software and hardware are current.

Make security awareness and compliance part of your standard business processes.

Continually Refine your security strategy.

Evaluate your security policies and best practices.

Compliance with legislation may not be enough. A policy that deploys high-security techniques before they are legislated will help you mitigate the risk of an attack!What is Cisco Doing to Help You?Cisco technology can help you if you evolve your business platforms. As a minimum to support TLS 1.2, administrators should update the collaboration environment to software release 11.5 (SU5), contact center software to release 11.6(1), and Cisco Jabber® to Release 11.7 or later.Learn more about Voice Over IP Compliance here. Also, read our latest white paper on PCI DSS Compliance and workarounds.New Security Features in Unified Communications Manager 12.5Unified Communications Manager 12.5 (CSR 12.6) comes with some very useful security solutions that enhance your capability.For example:

UCM 12.5 secures multi-fork call recording with CUBE to enable MiFID 2 compliance for Financial Services Organizations. This enables you to have up to 5 recording streams for redundancy and speech analytics.

It provides TLS and SSH cypher management – enabling you to set an appropriate level of security for all elements on the network, or HTTPS TLS or SIP TLS.

Encrypted IM & P Message Archive You can encrypt your IM&P Message Archive to keep private messages private.

SIP OAuth provides a simplified process for encrypting calls made by your Jabber client. It leverages TLS and mTLS without the need for complex client certificates.

Both CUCM and Expressway now support a Single SAML Agreement per cluster. Organizations can implement dual-factor authentication both inside and outside of your network.

QR/Activation Code QR/Activation Code not only simplifies the way that you deploy phones but improves the security posture of those phones by removing cached username and passwords.

More detail on specific security features can be found in our comprehensive Security Guide for UCM 12.5(1).Cisco Devices- PhonesThe latest IP Phones, 7800 and 8800 models support TLS 1.2. This mitigates vulnerabilities in earlier TLS versions, enhancing security on your network devices. This is not possible with older models of Cisco IP Phones(6900, 7900, 8900, and 9900 Series) that you may have deployed.

With TLS1.2 you can use Elliptic Curve Cryptography and SSH to strengthen your security for phones beyond the minimum specifications. Taking advantage of the cypher suite management.

Read our white paper — Cisco IP Phone 7800 and 8800 Series Security Overview In SummaryWhatever your security policy is, Cisco is building and designing robust system solutions. Solutions that have longevity in life span and that are continually updated with security updates and fixes. Cisco also provides significant version upgrades with enhanced functionality and feature capabilities. This provides the opportunity to benefit from richer features, management tools and security, giving you even more robust systems in the continual battle against the cybercriminals.Talk to your Cisco Account Manager or Preferred Cisco Partner to find out more. Don’t have one? Click here to find a partner!Learn More:

Connect with others blogs in the Unified Communication Manager Evolution Blog Series

Calling in Webex Teams — Powered by Cisco Unified Communications Manager

How Much Security Do You Really Need?

Source: blogs.cisco.com