Securing Unified Communications for Healthcare

Size: px
Start display at page:

Download "Securing Unified Communications for Healthcare"

Transcription

1 Securing Unified Communications for Healthcare Table of Contents Securing UC A Unique Process... 2 Fundamental Components of a Healthcare UC Security Architecture... 3 Making Unified Communications Secure Enough for Healthcare... 5 Avaya UC Solutions Help Healthcare Organizations... 6 Blending Opportunity with Security... 6 Learn More... 7 Secure unified communications that protect patients from privacy violations and healthcare providers from the consequences of noncompliance Unified communications (UC) is a mission-critical tool for today s healthcare organizations. Although it has advantages that apply to all industries and organizations, it is especially important for the healthcare industry because delayed or misinterpreted communications can affect patients health and even their lives. UC facilitates more effective communications and can help lower costs, in addition to helping meet the demand for better productivity and improved care. In response to government mandates, hospitals are transitioning to electronic health records (EHR), and increasingly, are delivering critical voice, , text, and video via mobile applications. UC helps address the challenges inherent in electronic distribution, such as the need to integrate the right communication tools into the context of the user and task. It can reduce errors and delays, and make operations more efficient creating a single interface for communications via smartphones, laptops, tablets and traditional telephone interfaces. All this means faster, more accurate communication, which in turn can translate into prompt, safe patient care. UC helps save time and resources, allowing staff to fully and efficiently utilize resources, shorten patient stays, and lower costs. Since most UC systems are auditable, it also helps healthcare organizations comply with government mandates such as the United States Health Insurance Portability and Accountability Act of 1996 (HIPAA). Whether or not healthcare providers can exploit these advantages hinges on another critical concern security. Healthcare organizations and the communications systems they use handle the most private and sensitive kind of information. Protecting that information from alteration, loss, and unauthorized access is a matter of law as well as compassion and common sense. Failure to comply with laws and regulations puts the organization at avaya.com 1

2 financial risk. Based on a February 2011 research report by the Aberdeen Group 1, poor communications security has the potential for serious consequences in the healthcare industry as well as in other industries. According to the report, the average maximum cost for a single lapse in regulatory compliance can cost: $2.1 million for Sarbanes-Oxley $1.5 million for Global Privacy Regulations $1.4 million for Securities and Exchange Commission Regulations $1.3 million for PCI DSS $1.1 million for HIPAA Securing UC A Unique Process When adopters begin using unified communications, many focus on the benefits realized by deploying the core technology, and are slow to recognize specific security concerns and the best practices to address them. As UC becomes more and more common across industries, some security insights are universally applicable. UC applications operate in real time, and must be secured in real time. UC operates at the application layer; therefore, it requires application layer inspection for proper security. UC is based on an endlessly changing combination of device types, creating more doors to guard. UC can use untrusted networks that are outside the IT department s control. (As in other industries, healthcare workers now continue to work while on the move or at home.) Compliance rules that apply to more traditional IT and communication types apply to unified communications as well. All these insights apply to healthcare operations, but healthcare also has its own unique requirements. UC security in the healthcare realm is not, for instance, the same thing as data network security, which is a primary concern in corporate UC implementations. The healthcare industry needs real-time, application-layer security for applications and devices sharing the same 1 Aberdeen Research Brief: Unified Communications Security: A Best-in-Class Strategy to Unleash Value February 2011 avaya.com 2

3 infrastructure. In addition, information security mandates and compliance rules are arguably more extensive and stringent than those in any other industry HIPAA in the United States, the Personal Health Information Protection Act (PHIPA) in Canada, the Data Protection Act (DPA) of 1998 in the United Kingdom, Data Protection Directive 95/46/EC for members of the European Union, and similar regulations enforced by national and local governments around the world. Complying with legal mandates is not easy. Hospitals are already bring-yourown-device (BYOD) environments, and unified communications solutions allow more smartphones, tablets, videophones, and soft clients into the mix as well as more end points. In addition, hospitals must contend with threats that are common across industries, such as identity theft, research espionage, and toll fraud, as well as many more pressing concerns. Hospitals must be on alert for denial-of-service attacks, which can affect the critical communications that direct patient care, or the privacy risk posed when doctors, nurses, and pharmacists send protected patient data over an unauthorized instant messaging application that uses a cloud-hosted application on the Internet. Fundamental Components of a Healthcare UC Security Architecture An effective UC security architecture for healthcare settings requires four critical capabilities: encryption, access control, threat detection, and policy enforcement. Encryption for privacy Although all unified communication devices offer encryption, some organizations don t use it. Particularly in healthcare institutions, internal users are seen as well intentioned and benevolent care givers who can be trusted with sensitive data. However, the risk of a single malevolent insider with access to life-critical, ultra-private information is unacceptable. From a security architecture standpoint, healthcare UC requires applicationlayer encryption, such as Transport Layer Security (TLS) for signaling and Secure Real-Time Transport Protocol (SRTP) for media. This is the most common encryption standard implemented in UC gear. Since clients that support TLS and SRTP encryption are available for smartphones, tablets, and avaya.com 3

4 other devices, adherence to these standards helps resolve the security issues associated with the proliferation of end points. TLS and SRTP are used to secure voice communications, as well as instant messaging and video traffic from intelligent endpoints. Access control and authentication for devices and users Access control is particularly important for hospitals, where there is a continuous turnover of patients and visitors, most of whom carry one or more communication devices. A healthcare UC architecture should include application-layer access control to complement standard network-level firewalling and authentication schemes. Equally important is session border control. The feature can be used to terminate SIP trunks, as well as provide a point of demarcation and control between trusted enterprise networks and untrusted carrier trunks. The architecture should also include the ability to hide topologies and conduct network address translation (NAT), which can effectively shield the healthcare organization s UC infrastructure, end points, and users from external parties. In addition, hospitals that use mobile UC end points can direct the session border controller to grant secure remote access to devices even if those devices are outside the enterprise. Threat detection and mitigation Toll fraud and eavesdropping are also key security concerns for hospitals. With a transient visitor population and easy public access to premises, vulnerability to toll fraud puts hospital funds (and ultimately patient care) at risk. Because patient information is among the most sensitive type of data, it must be stringently guarded against eavesdroppers. The appropriate defense is a signature-based intrusion prevention system that operates at the application layer and continuously scans signaling and media traffic to detect the patterns that indicate an attack. Policy enforcement The healthcare environment is heavily regulated, and at the same time, characterized by an extremely stringent demand for performance. A healthcare UC architecture must be able to act on regulatory mandated policies in real time without affecting speed and quality of delivery. This requires a centralized, easy-to-manage UC architecture to consistently apply policies avaya.com 4

5 across applications and networks. UC security should also enforce virtual LAN separation of voice and data traffic, to prevent attackers from hopping from the voice VLAN to the data VLAN, where they can gain access to any system on the network, including critical data repositories. Making Unified Communications Secure Enough for Healthcare Avaya has identified UC practices that can help healthcare organizations prevent intrusions and operational disruptions while maintaining compliance with privacy and security mandates. Secure all end points, especially those most often used for remote access such as smartphones, tablets, and laptops Use specialized UC security appliances that can encrypt both media and signaling connections in real time and on the fly, without requiring virtual private networks (VPNs) and tunnels for , IM, VoIP, and video communications Deploy SIP trunks for network and communications security, demarcation, and control Deploy enterprise session border controllers (SBCs) that contain integrated capabilities for policy enforcement, access control, failover, and deep packet inspection Figure 1 shows how SIP trunks and enterprise SBCs can provide comprehensive UC security when deployed together. SIP trunks protect enterprise VoIP communications by applying TLS or SRTP encryption. SBCs, especially if they contain the integrated components addressing the four elements of UC security described above, offer many benefits, including enforcement of enterprisespecific security policies. They also provide a layer of independence from service providers, enabling multiple SIP trunk provider access points, and support enterprise-specific call flows that service providers may not. By operating in real time, SBCs can secure VoIP and other UC applications over any network to any device. They help enforce enterprise security policies and compliance with industry privacy and security guidelines, without compromising performance. avaya.com 5

6 Avaya UC Solutions Help Healthcare Organizations REMOTE WORKER Hacker ROGUE DEVICE Properly encrypt the transmissions between INTERNET VoIP/UC applications and end points, including PSTN signalling and media Deploy SIP trunks with the industry s best security, demarcation, HOSPITAL Avaya SBCAE Avaya SBCAE SIP TRUNK PBX and control Support HIPAA Recording Compliance compliance by properly logging and protecting all private patient data communications Infected Softphone/PC Actively enforce security policies to prevent unauthorized applications or patient information Figure 1. Unified communications security with sip trunking and sbc controls leakage Scan and act on all Blending Opportunity with Security signalling and traffic based Today s communications travel in a multivendor, multiple-device, interoperable on updated threat and world. It spills into the controlled environment of the hospital or clinic, and attack markers provided brings opportunities to enhance patient care. Unifying these communications by the VIPER Lab can help healthcare organizations increase flexibility, reduce cost and complexity, and enhance user experience. But UC needs to be secure. By addressing the four dimensions of UC security, healthcare institutions can capture UC benefits, and at the same time, protect patient data from unauthorized access and patient care from disruption. avaya.com 6

7 About Avaya Avaya is a global provider of business collaboration and communications solutions, providing unified communications, contact centers, networking and related services to companies of all sizes around the world. For more information please visit Learn More To learn more and to obtain additional information such as white papers and case studies about Avaya Session Border Controller Advanced for Enterprise please contact your Avaya Account Manager or Authorized Partner or visit us at Avaya Inc. All Rights Reserved. All trademarks identified by,, or SM are registered marks, trademarks, and service marks, respectively, of Avaya Inc. 05/12 UC7078 avaya.com 7

Securing SIP Trunks APPLICATION NOTE. www.sipera.com

Securing SIP Trunks APPLICATION NOTE. www.sipera.com APPLICATION NOTE Securing SIP Trunks SIP Trunks are offered by Internet Telephony Service Providers (ITSPs) to connect an enterprise s IP PBX to the traditional Public Switched Telephone Network (PSTN)

More information

Ingate Firewall/SIParator SIP Security for the Enterprise

Ingate Firewall/SIParator SIP Security for the Enterprise Ingate Firewall/SIParator SIP Security for the Enterprise Ingate Systems February, 2013 Ingate Systems AB (publ) Tel: +46 8 600 77 50 BACKGROUND... 1 1 NETWORK SECURITY... 2 2 WHY IS VOIP SECURITY IMPORTANT?...

More information

White Paper. avaya.com 1. Table of Contents. Starting Points

White Paper. avaya.com 1. Table of Contents. Starting Points White Paper Session Initiation Protocol Trunking - enabling new collaboration and helping keep the network safe with an Enterprise Session Border Controller Table of Contents Executive Summary...1 Starting

More information

ENTERPRISE SESSION BORDER CONTROLLERS: SAFEGUARDING TODAY S AND TOMORROW S UNIFIED COMMUNICATIONS

ENTERPRISE SESSION BORDER CONTROLLERS: SAFEGUARDING TODAY S AND TOMORROW S UNIFIED COMMUNICATIONS ENTERPRISE SESSION BORDER CONTROLLERS: SAFEGUARDING TODAY S AND TOMORROW S UNIFIED COMMUNICATIONS ALCATEL-LUCENT OPENTOUCH SESSION BORDER CONTROLLER A SECURE SOLUTION FOR BORDERLESS CONVERSATIONS APPLICATION

More information

AIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE

AIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE AIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE THE CHALLENGE: SECURE THE OPEN AIR Wirelesss communication lets you take your business wherever your customers,

More information

What is an E-SBC? WHITE PAPER

What is an E-SBC? WHITE PAPER Executive Summary Enterprise communications is in a state of transformation. Businesses are replacing conventional PBX systems with VoIP and Unified Communications (UC) solutions and cloud-based services

More information

AIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE

AIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE AIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE THE CHALLENGE: SECURE THE OPEN AIR Wirelesss communication lets you take your business wherever your customers,

More information

Recommended IP Telephony Architecture

Recommended IP Telephony Architecture Report Number: I332-009R-2006 Recommended IP Telephony Architecture Systems and Network Attack Center (SNAC) Updated: 1 May 2006 Version 1.0 SNAC.Guides@nsa.gov This Page Intentionally Left Blank ii Warnings

More information

A Business Case for Mobility Solutions

A Business Case for Mobility Solutions A Business Case for Mobility Solutions For Healthcare Providers Table of Contents Introduction... 1 Mobile math: roaming, overages, and minute plans = an unhealthy bottom line... 2 Containing mobile costs:

More information

Oracle s Solution for Secure Remote Workers. Providing Protected Access to Enterprise Communications

Oracle s Solution for Secure Remote Workers. Providing Protected Access to Enterprise Communications Oracle s Solution for Secure Remote Workers Providing Protected Access to Enterprise Communications Our forecast shows that the worldwide mobile worker population will increase to more than 1.3 billion

More information

How the ETM (Enterprise Telephony Management) System Relates to Session Border Controllers (SBCs) A Corporate Whitepaper by SecureLogix Corporation

How the ETM (Enterprise Telephony Management) System Relates to Session Border Controllers (SBCs) A Corporate Whitepaper by SecureLogix Corporation How the ETM (Enterprise Telephony Management) System Relates to Session Border Controllers (SBCs) A Corporate Whitepaper by SecureLogix Corporation Introduction Enterprises are continuing to convert and

More information

OpenScape Session Border Controller Delivering security, interoperability and cost savings to the enterprise network border

OpenScape Session Border Controller Delivering security, interoperability and cost savings to the enterprise network border Siemens Enterprise Communications Session Border Controller Delivering security, interoperability and cost savings to the enterprise network border April 2011 Agenda 1 Industry Trends 2 Customer Initiatives

More information

Say Yes to BYOD How Fortinet Enables You to Protect Your Network from the Risk of Mobile Devices WHITE PAPER

Say Yes to BYOD How Fortinet Enables You to Protect Your Network from the Risk of Mobile Devices WHITE PAPER Say Yes to BYOD How Fortinet Enables You to Protect Your Network from the Risk of Mobile Devices WHITE PAPER FORTINET Say Yes to BYOD PAGE 2 Introduction Bring Your Own Device (BYOD) and consumerization

More information

SBC WHITE PAPER. The Critical Component

SBC WHITE PAPER. The Critical Component SBC WHITE PAPER The Critical Component Table of Contents of your VoIP Infrastructure... 3 Enter the SBC... 4 Functions... 5 Security... 5 Denial of Service... 5 Toll Fraud... 6 Encryption... 6 Policy...

More information

Session Border Controllers in Enterprise

Session Border Controllers in Enterprise A Light Reading Webinar Session Border Controllers in Enterprise Thursday, October 7, 2010 Hosted by Jim Hodges Senior Analyst Heavy Reading Sponsored by: Speakers Natasha Tamaskar VP Product Marketing

More information

T6 w a y s t o m a x i m i z e y o u r s u c c e s s

T6 w a y s t o m a x i m i z e y o u r s u c c e s s B e s t P r a c t i c e s f o r I P D e p l o y m e n t i n a M u l t i - v e n d o r E n v i r o n m e n t T6 w a y s t o m a x i m i z e y o u r s u c c e s s Authored by Ajay Kapoor, Senior Manager,

More information

Connecting MPLS Voice VPNs Enabling the Secure Interconnection of Inter-Enterprise VoIP

Connecting MPLS Voice VPNs Enabling the Secure Interconnection of Inter-Enterprise VoIP Connecting MPLS Voice VPNs Enabling the Secure Interconnection of Inter-Enterprise VoIP Connecting MPLS Voice VPNs Enabling the secure interconnection of Inter-Enterprise VoIP Executive Summary: MPLS Virtual

More information

SIP SECURITY JULY 2014

SIP SECURITY JULY 2014 SIP SECURITY JULY 2014 Executive Overview As with any data or communication service, it s important that all enterprises understand potential security issues related to SIP Trunking. This paper provides

More information

SIP Security Controllers. Product Overview

SIP Security Controllers. Product Overview SIP Security Controllers Product Overview Document Version: V1.1 Date: October 2008 1. Introduction UM Labs have developed a range of perimeter security gateways for VoIP and other applications running

More information

SBC - the UC-glue Security, Interoperability, Reliability. Alexander Kunzi

SBC - the UC-glue Security, Interoperability, Reliability. Alexander Kunzi SBC - the UC-glue Security, Interoperability, Reliability Alexander Kunzi Agenda SBC? Was s das? Wer ist ACME? Is das sicher? Und wie flexibel? Acme Packet Enterprise Solutions Marketing Page 2 Customer

More information

An Oracle White Paper August 2013. What Is an Enterprise Session Border Controller?

An Oracle White Paper August 2013. What Is an Enterprise Session Border Controller? An Oracle White Paper August 2013 What Is an Enterprise Session Border Controller? Introduction... 1 Redefining Enterprise Communications... 2 E-SBCs Protect and Control IP Communications... 3 E-SBCs Do

More information

Adopt a unified, holistic approach to a broad range of data security challenges with IBM Data Security Services.

Adopt a unified, holistic approach to a broad range of data security challenges with IBM Data Security Services. Security solutions To support your IT objectives Adopt a unified, holistic approach to a broad range of data security challenges with IBM Data Security Services. Highlights Balance effective security with

More information

Voice over IP Security

Voice over IP Security Voice over IP Security Patrick Park Cisco Press Cisco Press 800 East 96th Street Indianapolis, Indiana 46240 USA vii Contents Introduction xvii Part I VoIP Security Fundamentals 3 Chapter 1 Working with

More information

Clean VPN Approach to Secure Remote Access

Clean VPN Approach to Secure Remote Access Clean VPN Approach to Secure Remote Access A clean VPN approach delivers layered defense-in-depth protection for the core elements of business communications. CONTENTS Extending Business Beyond the Perimeter

More information

Building the Lync Security Eco System in the Cloud Fact Sheet.

Building the Lync Security Eco System in the Cloud Fact Sheet. Building the Lync Security Eco System in the Cloud Fact Sheet. [Type text] The need to secure all entries to the fastest growing Unified Communication application (UC) and allow for complete inter-operability

More information

OpenScape UC Firewall and OpenScape Session Border Controller

OpenScape UC Firewall and OpenScape Session Border Controller UC Firewall and Session Border Controller Security within and beyond the boundaries Security within and beyond your network s boundaries Our connected world We are living and working in a new world that

More information

Best Practices for Securing IP Telephony

Best Practices for Securing IP Telephony Best Practices for Securing IP Telephony Irwin Lazar, CISSP Senior Analyst Burton Group Agenda VoIP overview VoIP risks Mitigation strategies Recommendations VoIP Overview Hosted by VoIP Functional Diagram

More information

VOICE FIREWALL. Secure your voice network edge and prevent financial losses.

VOICE FIREWALL. Secure your voice network edge and prevent financial losses. VOICE FIREWALL Secure your voice network edge and prevent financial losses. The ETM Voice Firewall secures your critical networking resources and lowers telecom expenses by protecting your enterprise voice

More information

Session Border Controllers: Securing Real-Time Communications

Session Border Controllers: Securing Real-Time Communications Session Border Controllers: Securing Real-Time Communications Why do I need an SBC if I already have a firewall? It s not uncommon for enterprises to believe that the same device that protects their data

More information

Deploying secure wireless network services The Avaya Identity Engines portfolio offers flexible, auditable management for secure wireless networks.

Deploying secure wireless network services The Avaya Identity Engines portfolio offers flexible, auditable management for secure wireless networks. Table of Contents Section 1: Executive summary...1 Section 2: The challenge...2 Section 3: WLAN security...3 and the 802.1X standard Section 4: The solution...4 Section 5: Security...4 Section 6: Encrypted

More information

Whitepaper SBC Sticker Shock

Whitepaper SBC Sticker Shock Whitepaper SBC Sticker Shock Table of Contents I. Introduction... 3 II. Why an SBC?... 3 III. Avoiding Unexpected SBC Costs... 4 IV. Endpoints... 5 V. SIP Licenses... 5 VI. Conclusion... 6 DECEMBER 2014

More information

Security & Encryption

Security & Encryption Security & Encryption Introduction: the importance of encryption nected networks, spies can tap into the connection from Encryption for security is thousands of years old. With the No longer can any business

More information

PETER CUTLER SCOTT PAGE. November 15, 2011

PETER CUTLER SCOTT PAGE. November 15, 2011 Future of Fax: SIP Trunking PETER CUTLER SCOTT PAGE November 15, 2011 QUESTIONS AND ANSWERS TODAY S SPEAKERS Peter Cutler Vice President of Sales Instant InfoSystems Scott Page Subject Matter Expert Dialogic

More information

Whitepaper. Are Firewalls Enough for End-to-End. VoIP Security

Whitepaper. Are Firewalls Enough for End-to-End. VoIP Security Whitepaper Are Firewalls Enough for End-to-End VoIP Security Table of Contents I. Introduction... 3 II. Definitions... 3 III. Security... 4 IV. Interoperability... 5 V. Availability... 5 VI. A single demarcation

More information

VoIP Encryption in the Enterprise

VoIP Encryption in the Enterprise VoIP Encryption in the Enterprise www.sonus.net Table of Contents Introduction...................................... 1 VoIP and UC Increase Productivity and Risk.................... 1 Why VoIP Attacks

More information

The Business Value of Enterprise SIP - A CIO View

The Business Value of Enterprise SIP - A CIO View The Business Value of Enterprise SIP - A CIO View Table of Contents Background... 1 What is SIP?... 1 Why SIP?... 1 1. Presence... 2 2. User Centricity vs. Device Bound... 3 3. SIP Trunking and Delivering

More information

Enforcing Security Policies

Enforcing Security Policies Enforcing Security Policies Key Differentiator NetVanta Microsoft Desktop Auditing Providing Insight Into Your Network With an increasingly mobile workforce, technology portability, and the increase in

More information

WHITEPAPER. Addressing Them with Secure Network Access Control. Executive Summary... An Evolving Network Environment... 2

WHITEPAPER. Addressing Them with Secure Network Access Control. Executive Summary... An Evolving Network Environment... 2 WHITEPAPER Top 4 Network Security Challenges in Healthcare Addressing Them with Secure Network Access Control Executive Summary... 1 Top 4 Network Security Challenges Addressing Security Challenges with

More information

Clean VPN Approach to Secure Remote Access for the SMB

Clean VPN Approach to Secure Remote Access for the SMB Clean VPN Approach to Secure Remote Access for the SMB A clean VPN approach delivers layered defense-in-depth protection for the core elements of business communications. CONTENTS Extending Business Beyond

More information

Preparing VoIP and Unified Communications Systems for IPv6 Technical Summary September 2014

Preparing VoIP and Unified Communications Systems for IPv6 Technical Summary September 2014 Preparing VoIP and Unified Communications Systems for IPv6 Technical Summary September 2014 [Type text] As the limited number of remaining IPv4 addresses are allocated to ISPs, it is becoming increasingly

More information

Cconducted at the Cisco facility and Miercom lab. Specific areas examined

Cconducted at the Cisco facility and Miercom lab. Specific areas examined Lab Testing Summary Report July 2009 Report 090708 Product Category: Unified Communications Vendor Tested: Key findings and conclusions: Cisco Unified Communications solution uses multilayered security

More information

Oracle Converged Communications Solution

Oracle Converged Communications Solution Oracle Converged Communications Solution Simplify and reduce the cost of operating multivendor communications networks The Oracle Converged Communications Solution dramatically simplifies multivendor communications

More information

Say Yes to BOYD How Fortinet Enables You to Protect Your Network from the Risk of Mobile Devices

Say Yes to BOYD How Fortinet Enables You to Protect Your Network from the Risk of Mobile Devices Say Yes to BOYD How Fortinet Enables You to Protect Your Network from the Risk of Mobile Devices Introduction Bring Your Own Device (BYOD) and consumerization of IT are all phrases that serve to encompass

More information

ICTTEN5168A Design and implement an enterprise voice over internet protocol and a unified communications network

ICTTEN5168A Design and implement an enterprise voice over internet protocol and a unified communications network ICTTEN5168A Design and implement an enterprise voice over internet protocol and a unified communications network Release: 1 ICTTEN5168A Design and implement an enterprise voice over internet protocol and

More information

Innovation in Security. Secure Enterprise U n i f i e d C o m m u n i c a t i o n to protect business assets in the 21st Century

Innovation in Security. Secure Enterprise U n i f i e d C o m m u n i c a t i o n to protect business assets in the 21st Century Innovation in Security Secure Enterprise U n i f i e d C o m m u n i c a t i o n to protect business assets in the 21st Century The complete Security Solution for SIP and Unified Communications designed

More information

THE TOP SECURITY QUESTIONS YOU SHOULD ASK A CLOUD COMMUNICATIONS PROVIDER

THE TOP SECURITY QUESTIONS YOU SHOULD ASK A CLOUD COMMUNICATIONS PROVIDER THE TOP SECURITY QUESTIONS YOU SHOULD ASK A CLOUD COMMUNICATIONS PROVIDER How to ensure a cloud-based phone system is secure. BEFORE SELECTING A CLOUD PHONE SYSTEM, YOU SHOULD CONSIDER: DATA PROTECTION.

More information

SIP Trunking with Microsoft Office Communication Server 2007 R2

SIP Trunking with Microsoft Office Communication Server 2007 R2 SIP Trunking with Microsoft Office Communication Server 2007 R2 A Dell Technical White Paper By Farrukh Noman Dell Product Group - Enterprise THIS WHITE PAPER IS FOR INFORMATIONAL PURPOSES ONLY, AND MAY

More information

Oracle s Unified Communications Infrastructure Solution. Delivering Secure, Reliable, and Scalable Unified Communications Services

Oracle s Unified Communications Infrastructure Solution. Delivering Secure, Reliable, and Scalable Unified Communications Services Oracle s Unified Communications Infrastructure Solution Delivering Secure, Reliable, and Scalable Unified Communications Services Oracle s UC infrastructure solution combines tightly coupled session management,

More information

S-Series SBC Interconnect Solutions. A GENBAND Application Note May 2009

S-Series SBC Interconnect Solutions. A GENBAND Application Note May 2009 S-Series SBC Interconnect Solutions A GENBAND Application Note May 2009 Business Requirements A ubiquitous global voice service offering is the challenge among today s large service providers. The need

More information

Avaya Session Border Controller for Enterprise

Avaya Session Border Controller for Enterprise Avaya Session Border Controller for Enterprise A security solution for SIP-based networks implementing unified communications applications Customer service is at the heart of what we do, and as a leader

More information

SIP Trunking Configuration with

SIP Trunking Configuration with SIP Trunking Configuration with Microsoft Office Communication Server 2007 R2 A Dell Technical White Paper End-to-End Solutions Team Dell Product Group - Enterprise THIS WHITE PAPER IS FOR INFORMATIONAL

More information

Comparing Session Border Controllers to Firewalls with SIP Application Layer Gateways in Enterprise Voice over IP and Unified Communications Scenarios

Comparing Session Border Controllers to Firewalls with SIP Application Layer Gateways in Enterprise Voice over IP and Unified Communications Scenarios An Oracle White Paper June 2013 Comparing Session Border Controllers to Firewalls with SIP Application Layer Gateways in Enterprise Voice over IP and Unified Communications Scenarios Introduction Voice

More information

Security For Multi-Tier, Multi-Owner Converged Networks

Security For Multi-Tier, Multi-Owner Converged Networks Security For Multi-Tier, Multi-Owner Converged Networks Table of Contents An Accelerating Trend Toward Outsourcing... 1 The Attendant Security Threat... 2 Security Concerns with Hybrid Networks... 2 Security

More information

VoIP Encryption in the Enterprise

VoIP Encryption in the Enterprise VoIP Encryption in the Enterprise Table of Contents Introduction..................................... 1 VoIP and UC Increase Productivity and Risk................... 1 Why VoIP Attacks Are on the Rise.........................

More information

Achieving Truly Secure Cloud Communications. How to navigate evolving security threats

Achieving Truly Secure Cloud Communications. How to navigate evolving security threats Achieving Truly Secure Cloud Communications How to navigate evolving security threats Security is quickly becoming the primary concern of many businesses, and protecting VoIP vulnerabilities is critical.

More information

Compliance and Unified Communication

Compliance and Unified Communication Compliance and Unified Communication January 2015 [Type text] There are two topics that should be uppermost in every CISO's mind, how to address the growing demand for Unified Communications (UC) and how

More information

Deploying Firewalls Throughout Your Organization

Deploying Firewalls Throughout Your Organization Deploying Firewalls Throughout Your Organization Avoiding break-ins requires firewall filtering at multiple external and internal network perimeters. Firewalls have long provided the first line of defense

More information

Dell s Five Best Practices for Maximizing Mobility Benefits while Maintaining Compliance with Data Security and Privacy Regulations

Dell s Five Best Practices for Maximizing Mobility Benefits while Maintaining Compliance with Data Security and Privacy Regulations Dell s Five Best Practices for Maximizing Mobility Benefits while Maintaining Compliance with Data Security and Privacy Regulations Inside ü Tips for deploying or expanding BYOD programs while remaining

More information

Police. 21st Century Security Problem for Police Authorities.

Police. 21st Century Security Problem for Police Authorities. Police 21st Century Security Problem for Police Authorities. The complete story of how to deliver a new wave of security for voice/video software, that we deploy alongside productivity tools in every 21

More information

Implementing Cisco Unified Communications Security (UCSECv1.0)

Implementing Cisco Unified Communications Security (UCSECv1.0) Implementing Cisco Unified Communications Security (UCSECv1.0) Course Objectives Identify vulnerabilities in Cisco Unified Communications networks and describe security strategies, cryptographic services,

More information

Attachment Q5. Voice over Internet Protocol (VoIP)

Attachment Q5. Voice over Internet Protocol (VoIP) DHS 4300A Sensitive Systems Handbook Attachment Q5 To Handbook v. 11.0 Voice over Internet Protocol (VoIP) Version 11.0 December 22, 2014 Protecting the Information that Secures the Homeland This page

More information

Security Testing Summary of Next-Generation Enterprise VoIP Solution: Unify Inc. OpenScape SBC V8

Security Testing Summary of Next-Generation Enterprise VoIP Solution: Unify Inc. OpenScape SBC V8 Security Testing Summary of Next-Generation Enterprise VoIP Solution: Unify Inc. OpenScape SBC V8 SR140531D 19 August 2014 Miercom www.miercom.com Overview Unify Inc. (formerly Siemens Enterprise Communications)

More information

Multi-layered Security Solutions for VoIP Protection

Multi-layered Security Solutions for VoIP Protection Multi-layered Security Solutions for VoIP Protection Copyright 2005 internet Security Systems, Inc. All rights reserved worldwide Multi-layered Security Solutions for VoIP Protection An ISS Whitepaper

More information

WHITEPAPER. Wireless LAN Security for Healthcare and HIPAA Compliance

WHITEPAPER. Wireless LAN Security for Healthcare and HIPAA Compliance WHITEPAPER Wireless LAN Security for Healthcare and HIPAA Compliance Wireless LAN Security for Healthcare and HIPAA Compliance Wireless deployments in healthcare institutions have accelerated as mobility

More information

The Fortinet Secure Health Architecture

The Fortinet Secure Health Architecture The Fortinet Secure Health Architecture Providing Next Generation Secure Healthcare for The Healthcare Industry Authored by: Mark Hanson U.S. Director Fortinet, Inc. - Healthcare Introduction Healthcare

More information

Microsoft Lync and SIP trunking - Ensuring multi-vendor technology success with Prognosis

Microsoft Lync and SIP trunking - Ensuring multi-vendor technology success with Prognosis White Paper Microsoft Lync and SIP trunking - Ensuring multi-vendor technology success with Prognosis by Sue Bradshaw: Technology Writer, Integrated Research Ensuring new technology like Lync delivers

More information

The Healthcare challenge to protect patient information - HIPAA Compliance

The Healthcare challenge to protect patient information - HIPAA Compliance The Healthcare challenge to protect patient information - HIPAA Compliance Introduction Every industry presents its own challenges, and the healthcare industry has its own. Healthcare Organisations (HCOs)

More information

Enterprise Security Solutions

Enterprise Security Solutions Enterprise Security Solutions World-class technical solutions, professional services and training from experts you can trust ISOCORP is a Value-Added Reseller (VAR) and services provider for best in class

More information

Security Best Practices for Enterprise VoIP. Preventing Attacks and Managing Risk

Security Best Practices for Enterprise VoIP. Preventing Attacks and Managing Risk Security Best Practices for Enterprise VoIP Preventing Attacks and Managing Risk A Sipera White Paper September 2007 Summary To take full advantage of unified communications (UC), enterprises are extending

More information

T.38 fax transmission over Internet Security FAQ

T.38 fax transmission over Internet Security FAQ August 17, 2011 T.38 fax transmission over Internet Security FAQ Give me a rundown on the basics of T.38 Fax over IP security. Real time faxing using T.38 SIP trunks is just as secure as sending faxes

More information

White Paper A SECURITY GUIDE TO PROTECTING IP PHONE SYSTEMS AGAINST ATTACK. A balancing act

White Paper A SECURITY GUIDE TO PROTECTING IP PHONE SYSTEMS AGAINST ATTACK. A balancing act A SECURITY GUIDE TO PROTECTING IP PHONE SYSTEMS AGAINST ATTACK With organizations rushing to adopt Voice over IP (VoIP) technology to cut costs and integrate applications designed to serve customers better,

More information

Mobile Security Checklist. An Easy, Achievable Plan for Security and Compliance

Mobile Security Checklist. An Easy, Achievable Plan for Security and Compliance Mobile Security Checklist An Easy, Achievable Plan for Security and Compliance Introduction Are mobile devices the weak link in your security defenses? Today, organizations are pouring millions of dollars

More information

Permeo Technologies WHITE PAPER. HIPAA Compliancy and Secure Remote Access: Challenges and Solutions

Permeo Technologies WHITE PAPER. HIPAA Compliancy and Secure Remote Access: Challenges and Solutions Permeo Technologies WHITE PAPER HIPAA Compliancy and Secure Remote Access: Challenges and Solutions 1 Introduction The Healthcare Insurance Portability and Accountability Act (HIPAA) of 1996 has had an

More information

WHITEPAPER. Addressing Them with Adaptive Network Security. Executive Summary... An Evolving Network Environment... 2. Adaptive Network Security...

WHITEPAPER. Addressing Them with Adaptive Network Security. Executive Summary... An Evolving Network Environment... 2. Adaptive Network Security... WHITEPAPER Top 4 Network Security Challenges in Healthcare Addressing Them with Adaptive Network Security Executive Summary... 1 Top 4 Network Security Challenges Addressing Security Challenges with Adaptive

More information

A Brief Overview of VoIP Security. By John McCarron. Voice of Internet Protocol is the next generation telecommunications method.

A Brief Overview of VoIP Security. By John McCarron. Voice of Internet Protocol is the next generation telecommunications method. A Brief Overview of VoIP Security By John McCarron Voice of Internet Protocol is the next generation telecommunications method. It allows to phone calls to be route over a data network thus saving money

More information

Wireless LANs and Healthcare: Understanding Security to Ensure Compliance with HIPAA

Wireless LANs and Healthcare: Understanding Security to Ensure Compliance with HIPAA : Understanding Security to Ensure Compliance with HIPAA Healthcare is a natural environment for wireless LAN solutions. With a large mobile population of doctors, nurses, physician s assistants and other

More information

Avaya plus Skype for Business: The Best of Both Worlds

Avaya plus Skype for Business: The Best of Both Worlds Avaya plus Skype for Business: The Best of Both Worlds Table of Contents Begin with the Avaya Advantage... 1 Three Ways to Incorporate Avaya with Skype for Business... 2 Why Avaya is the Top Choice for

More information

6 Steps to SIP trunking security. How securing your network secures your phone lines.

6 Steps to SIP trunking security. How securing your network secures your phone lines. 6 Steps to SIP trunking security How securing your network secures your phone lines. The myths about SIP trunking can be misleading. There are stories that SIP has set off a cyber crime wave of corporate

More information

Avaya SBCE 6.3 Security Configuration and Best

Avaya SBCE 6.3 Security Configuration and Best Avaya SBCE 6.3 Security Configuration and Best Practices Guide Release 6.3 Issue 1.0 October 2014 1 2014 Avaya Inc. All Rights Reserved. Notice While reasonable efforts were made to ensure that the information

More information

CounterPath Bria with Oracle TSC Feature Pack. A Solution for Operator and Enterprise (OTT) Service Delivery. Solution Brief. www.counterpath.

CounterPath Bria with Oracle TSC Feature Pack. A Solution for Operator and Enterprise (OTT) Service Delivery. Solution Brief. www.counterpath. CounterPath Bria with Oracle TSC Feature Pack A Solution for Operator and Enterprise (OTT) Service Delivery Solution Brief Internet OTT (over-the-top) changes the way people communicate. Internet OTT services

More information

SangomaSBCs Keeping Your VoIP Network Secure. Simon Horton Sangoma shorton@sangoma.com

SangomaSBCs Keeping Your VoIP Network Secure. Simon Horton Sangoma shorton@sangoma.com SangomaSBCs Keeping Your VoIP Network Secure Simon Horton Sangoma shorton@sangoma.com Inside this Deck About Sangoma/ProVu SIP Market SBCs Demystified Business Applications and Use Cases Portfolio of SBCs

More information

Network Security Forensics

Network Security Forensics Network Security Forensics As hacking and security threats grow in complexity and organizations face stringent requirements to document access to private data on the network, organizations require a new

More information

ForeScout CounterACT. Continuous Monitoring and Mitigation

ForeScout CounterACT. Continuous Monitoring and Mitigation Brochure ForeScout CounterACT Real-time Visibility Network Access Control Endpoint Compliance Mobile Security Rapid Threat Response Continuous Monitoring and Mitigation Benefits Security Gain real-time

More information

PCI Compliance for Branch Offices: Using Router-Based Security to Protect Cardholder Data

PCI Compliance for Branch Offices: Using Router-Based Security to Protect Cardholder Data White Paper PCI Compliance for Branch Offices: Using Router-Based Security to Protect Cardholder Data Using credit cards to pay for goods and services is a common practice. Credit cards enable easy and

More information

Building the Lync Security Eco System in the Cloud Fact Sheet.

Building the Lync Security Eco System in the Cloud Fact Sheet. Building the Lync Security Eco System in the Cloud Fact Sheet. [Type text] The need to secure and deliver a compliant cloud solution to all transactions in and out of the fastest growing Universal Communication

More information

SIP Trunking Steps to Success, Part One: Key Lessons from IT Managers Who ve Been There

SIP Trunking Steps to Success, Part One: Key Lessons from IT Managers Who ve Been There SIP Trunking Steps to Success, Part One: Key Lessons from IT Managers Who ve Been There Q&A Session Date: Wednesday, April 13, 2011 Q: You have to partner with a provider in order to do SIP trunking, correct?

More information

The Fortinet Secure Health Architecture

The Fortinet Secure Health Architecture The Fortinet Secure Health Architecture Providing End-to-End Security for Modern Healthcare Organizations Introduction Healthcare providers are migrating from large, independent stand alone organizations

More information

WHITE PAPER. Wireless LAN Security for Healthcare and HIPAA Compliance

WHITE PAPER. Wireless LAN Security for Healthcare and HIPAA Compliance WHITE PAPER Wireless LAN Security for Healthcare and HIPAA Compliance Wireless LAN Security for Healthcare and HIPAA Compliance Wireless deployments in healthcare institutions have accelerated as mobility

More information

Payment Card Industry Data Security Standard

Payment Card Industry Data Security Standard Symantec Managed Security Services support for IT compliance Solution Overview: Symantec Managed Services Overviewview The (PCI DSS) was developed to facilitate the broad adoption of consistent data security

More information

Best Practices for deploying unified communications together with SIP trunking connectivity

Best Practices for deploying unified communications together with SIP trunking connectivity An Allstream White Paper Best Practices for deploying unified communications together with SIP trunking connectivity An Allstream White Paper 1 Table of contents Correct identification and maximization

More information

Solution Review: Siemens Enterprise Communications OpenScape Session Border Controller

Solution Review: Siemens Enterprise Communications OpenScape Session Border Controller Solution Review: Siemens Enterprise Communications OpenScape Session Border Controller Russell Bennett UC Insights www.ucinsights.com russell@ucinsights.com Introduction Those familiar with unified communications

More information

DoD UC Framework 2013, Section 4 Table of Contents TABLE OF CONTENTS. Section 4 Information Assurance

DoD UC Framework 2013, Section 4 Table of Contents TABLE OF CONTENTS. Section 4 Information Assurance , Table of Contents TABLE OF CONTENTS SECTION PAGE Information Assurance... 4-1 i , List of Figures LIST OF FIGURES FIGURE PAGE Figure 4-1. Example of Information Assurance Protocol Usage in the DoD UC

More information

Preemptive security solutions for healthcare

Preemptive security solutions for healthcare Helping to secure critical healthcare infrastructure from internal and external IT threats, ensuring business continuity and supporting compliance requirements. Preemptive security solutions for healthcare

More information

Best Practices for Outdoor Wireless Security

Best Practices for Outdoor Wireless Security Best Practices for Outdoor Wireless Security This paper describes security best practices for deploying an outdoor wireless LAN. This is standard body copy, style used is Body. Customers are encouraged

More information

Brochure. Dialogic BorderNet Session Border Controller Solutions

Brochure. Dialogic BorderNet Session Border Controller Solutions Brochure Dialogic BorderNet Solutions Supercharge Connections between Networks, Services and Subscribers with Ease and Scale The BorderNet family of session border controllers (SBCs) from Dialogic helps

More information

VoIP Logic HIPAA/SSAE SOC II Compliance Overview for Service Providers

VoIP Logic HIPAA/SSAE SOC II Compliance Overview for Service Providers VoIP Logic HIPAA/SSAE SOC II Compliance Overview for Service Providers VoIP Logic and HIPAA/SOC-II The Health Insurance Portability and Accountability Act (HIPAA) regulations, Medicare Improvements for

More information

Deploying a Secure Wireless VoIP Solution in Healthcare

Deploying a Secure Wireless VoIP Solution in Healthcare Deploying a Secure Wireless VoIP Solution in Healthcare Situation Healthcare is a natural environment for wireless LAN solutions. With a large mobile population of doctors, nurses, physician s assistants

More information

Adopt a unified, holistic approach to a broad range of data security challenges with IBM Data Security Services.

Adopt a unified, holistic approach to a broad range of data security challenges with IBM Data Security Services. Security solutions To support your IT objectives Adopt a unified, holistic approach to a broad range of data security challenges with IBM Data Security Services. Highlights Balance effective security with

More information

SITEL Voice Architecture

SITEL Voice Architecture SITEL Voice Architecture www.sitel.com SIP Voice Architecture: What is it? And how contact center operators can save money using it. By: Kevin Weier, Director, Global Voice Infrastructure and Architecture,

More information

Securing Patient Data in Today s Mobilized Healthcare Industry. A Good Technology Whitepaper

Securing Patient Data in Today s Mobilized Healthcare Industry. A Good Technology Whitepaper Securing Patient Data in Today s Mobilized Healthcare Industry Securing Patient Data in Today s Mobilized Healthcare Industry 866-7-BE-GOOD good.com 2 Contents Executive Summary The Role of Smartphones

More information