Unified Communications security specialist Sipera Systems announced the release of the UC-Sec 100 security appliance, aimed at providing comprehensive privacy and threat protection for small to midsize businesses using VOIP and unified communications.
With UC-Sec, Sipera said SMBs now can ensure their VOIP and UC deployments will help them remain in compliance with PCI DSS, GLBA, Sarbanes-Oxley, HIPAA, FERPA and other government and industry mandates regarding the control and privacy of information. Benefits include private communications across networks to devices in any location with IP communications access, SIP trunk termination and SIP trunk security to help decrease costs for connectivity to the public switched telephone network and protection against VOIP and UC security vulnerabilities and zero day threats, including toll fraud, eavesdropping and data theft.
“Enterprises around the world rely on Sipera Systems to protect their UC applications, networks and devices, and to support corporate initiatives to safeguard communications and satisfy privacy laws, regulatory mandates and confidentiality requirements,” said Sipera’s vice president of marketing Adam Boone. “This state-of-the-art communications security is now available to smaller enterprises in an economical and rapidly deployable solution.”
The company noted SMBs could employ UC-Sec to roll out new applications and take advantage of advances in VOIP and UC like IP video, collaboration tools, distributed call center services and integrated customer communications. Other features include managed remote communications support, providing VOIP and UC to distributed workers and offices and security across all applications in the unified communications infrastructure, including VOIP, instant messaging, video, presence and collaboration applications.
Sipera argues UC security has its own set of requirements that traditional data security techniques do not fully protect. Backed by the VIPER Lab team’s UC security research, the Sipera UC-Sec 100 is equipped with vulnerability information and accommodates up to 100 users and 50 simultaneous communications sessions per appliance. The UC-Sec 100 can be deployed in the DMZ between VLANS and is available immediately.
A recent report by the company showed VOIP toll fraud continues to escalate and is affecting both enterprises and service providers, and they stem from widespread gaps in insufficient VOIP and UC security architectures. Toll fraud occurs when unauthorized users, often external to the service provider or enterprise, exploit vulnerabilities to make toll calls to domestic or international locations. The unsuspecting enterprise or service provider is subsequently hit with extraordinarily high toll charges or call termination charges that have no clear cause.
Boone said they expected a correlation between growing awareness of VOIP and UC vulnerabilities and security best practices, and a decrease in toll fraud activity, but instead found the opposite, that toll fraud is on the rise. “Our customers are being proactive and designing effective security architectures that prevent toll fraud,” he said. “But fraudsters are aggressively figuring out how to exploit common security gaps found in many VOIP and UC deployments at enterprises and service providers that have not yet focused on this problem.”