Home » Internet » Mitigating Cloud Telephony Risks

TelephonyCloud_170x150x

Cloud telephony systems have been increasingly employed by companies as they have proven to be an efficient resource for full outsourced infrastructure, or just for remote hosting and collocation data centers. It has also proven to be effective cost wise, especially in reducing key infrastructure costs that require high investments.

However, as any user connected to the Internet is aware, the risk of getting malicious content such as spam, worms, and viruses is high. As cloud telephony systems become increasingly popular, the threats have evolved here as well. Since cloud telephony system is an integral part of the business, cloud telephony risk management is necessary to ensure that data is not loss and data security is maintained.

Evaluate the risks

As with any problem, the first step is determining the risks your business faces. A network security expert may be useful to assist you with determining these risks. Once the risks are determined, the most appropriate security framework can be chosen to fit your company.

Specific considerations with CSP (Cloud Service Provider)

The best way to safeguard any system is to know it inside and out. A discussion with the specifics of the system must be had with the cloud service provider. You must have information on what the basic systems architecture is, where the data is held, and who has access to the data.

Other information that needs to be clear is the following:

  • How, when and where is the data encrypted?

  • Are text protocols allowed and in use on the network?

  • How are incident responses handled?

  • What are the fault tolerance capabilities of the CSP?

The considerations do not stop there. You should also check what applications the CSP will be hosting, the information they contain, the internal technical standards that need to be replicated by the CSP, and the regulatory requirements that need to be met.

And of course, you should also check the security measures they support. The CSP must provide information such as the following:

  • Where encryption keys are stored and managed and who has access to them?

  • Are anti-virus and anti-malware installed on the server and workstations?

  • The password policy in place?

  • The firewalls and web filtering technologies in place?

  • The data leakage prevention controls in place?

  • The baseline security requirements installed for the applications, databases, systems, network infrastructure and information processing?

  • The wireless network encryption and are these networks isolated from other internal networks?

  • Is there is a two-factor authentication required for remote administration on all networking and infrastructure devices?

Selecting and applying the appropriate risk framework

After knowing the specifics of your cloud telephony system and then determining the risks, the next step is to select the appropriate risk framework to fit your system and then applying it. There are several frameworks to choose from to ensure cloud telephony risk management is effective.

Some of these frameworks are COBIT or Control Objectives for Information and Related Technology, ITIL or the IT Infrastructure Library, the ISO 27000x and the PCI-DSS or Payment Card Industry Data security Standard, and the CSA or the Cloud Security Alliance.

CSP Due Diligence

Cloud telephony risk management does not stop with the application of the security framework. CSP must still perform due diligence according to elements such as third-party reviews, documentation of information security and continuity programs, financial and insurance information, references and independent research, and vendor history.

Michelle Patterson is an avid technology blogger and writes extensively about IP/VoIP and Unified Communication. She works with some leading companies to understand the trends of these modern communication technologies.

Comments

comments

Latest

Apple Hardware Week
chips The Technology Behind a Live Casino
30 year internet The Internet turns 30 – pondering on the message from its maker
mac-skin The Perfect Gifts for the Tech-Friend in Your Life
travel mug Item of the Day – Bubba HERO Fresh Insulated Stainless Steel Travel Mug

Follow Us

Visit Us On TwitterVisit Us On FacebookVisit Us On GooglePlusVisit Us On PinterestVisit Us On YoutubeCheck Our Feed

Tech Geek Today

MonTueWedThuFriSatSun
    123
45678910
11121314151617
18192021222324
25262728293031
       
    123
45678910
11121314151617
18192021222324
25262728   
       
 123456
78910111213
21222324252627
28293031   
       
     12
3456789
10111213141516
17181920212223
24252627282930
31      
   1234
567891011
12131415161718
19202122232425
2627282930  
       
1234567
891011121314
15161718192021
22232425262728
293031    
       
     12
3456789
10111213141516
17181920212223
       
  12345
6789101112
13141516171819
20212223242526
2728293031  
       
      1
2345678
16171819202122
23242526272829
3031     
    123
45678910
11121314151617
18192021222324
252627282930 
       
 123456
78910111213
21222324252627
28293031   
       
      1
2345678
16171819202122
23242526272829
30      
   1234
567891011
12131415161718
262728293031 
       
   1234
567891011
12131415161718
19202122232425
262728    
       
1234567
891011121314
22232425262728
293031    
       
    123
45678910
11121314151617
18192021222324
25262728293031
       
  12345
6789101112
20212223242526
27282930   
       
      1
9101112131415
16171819202122
23242526272829
3031     
    123
45678910
11121314151617
252627282930 
       
 123456
78910111213
14151617181920
21222324252627
28293031   
       

New Book Now Available

My new book is now available on LeanPub. Buy it once and get lifetime updates everytime it’s updated. You never need to buy it again.

Buy Now