Maintaining Security Levels in the new Enterprise World

Creating the right culture and approach to employee engagement will dramatically change the desirability of a company’s profile, when it comes to attracting and retaining staff. Embracing modern tools, working models and technology can help a company differentiate itself from competitors in the same space.

Physical and cultural changes to the office, such as chill out areas, pool tables, dress down days and free drinks, can have a significant impact on the office environment, and ties in with the perceived style of a modern, high-tech office created by the likes of Google and Facebook. However these high level changes primarily impact employees that work in the office on a daily basis, and can only go so far in cementing a productive and engaging office culture – it’s technology that will truly cement a culture such as this.

With a freelance culture becoming more and more popular, and employers providing flexible working options, it’s sometimes difficult to maintain high levels of engagement and enthusiasm. In the long term, if not addressed, this could have an impact on the extent to which employees are efficiently working towards the business needs. For this reason, it’s becoming vital that employees that can’t, or don’t want to, work from the office everyday are provided with the right tools to bridge the gap between the physical office and their working day.

There is an array of cloud based collaboration tools such as Skype for Business available for the enterprise, and with improvements in mobile connectivity enabling BYOD, employers are making positive strides towards enabling the right levels of engagement and interaction with the workplace – and employees recognise and value the power that these tools provide.

But with this diverse approach to enterprise connectivity and communications comes the need to ensure high levels of network security, and by this I mean securing all elements of collaboration, not just the data being exchanged over email or file transfer. The integration of next generation Unified Communications solutions opens up a whole new avenue of security elements that must be considered and reviewed. A collaborative approach to this security model is the only way to ensure that these new tools provide benefit and not just another security headache.

The days of a fully ‘secured’ Enterprise edge are long gone – we can now view the Enterprise edge as more of a ‘porous’ surface with applications and systems reaching out into the Cloud for services and data – some initiated by employees, and others completely machine to machine based.

Threats to an Enterprise within this UC space include T-DOS (Telephony Denial of Service) – basically using very simple and widely available scripts that produce a high volume of calls to an enterprise, blocking the telephony system from receiving real calls from real customers.

And what about Fraud? – we’ve all heard about Credit Card fraud, but do you know that telephony Fraud is costing the industry more than Credit Card fraud??

How secure is your telephony system? – Fraudsters are often taking control of Enterprise voice systems out of hours, and running up thousands of calls to premium rate or international numbers – at the expense of the Enterprise.

With the reach and penetration of SIP trunking increasing, there is also a new threat on the horizon – data exfiltration using the SIP protocol. Having someone running up a bill without your knowledge is one thing – but losing valuable, private data to them via a back-door is on a whole new level – you need to ensure that all these things are planned, secured and checked on a regular basis.

The role of the traditional firewall has evolved a great deal over the years, and the introduction of other security devices such as IDS/IPS (Intrusion Detection/Prevention Systems) and UEBA (User & Entity Behavioural Analytics) have increased the protection levels significantly, but there remains a lot of ‘gaps’ within a modern, UC enabled enterprise that only a collaborative approach can address.

Of course, with all of this UC and remote working – we mustn’t forget the human interaction element – it’s still important for people to meet face-face, and have a chat over coffee and cake!